www.thestar.com Open in urlscan Pro
143.204.98.39 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On February 14 via api (February 14th 2022, 12:13:03 pm UTC) from IT — Scanned from IT

Summary HTTP 351 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 83 IPs in 9 countries across 60 domains to perform 351 HTTP transactions. The main IP is 143.204.98.39, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 49527.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 20th 2021. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 55	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
3	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
9	18.66.248.75 18.66.248.75	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:451	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.21.143.57 2.21.143.57	16625 (AKAMAI-AS) (AKAMAI-AS)
12	18.66.248.22 18.66.248.22	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	3.91.210.140 3.91.210.140	14618 (AMAZON-AES) (AMAZON-AES)
1	158.101.193.104 158.101.193.104	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	108.157.4.110 108.157.4.110	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
6	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1	18.66.107.43 18.66.107.43	16509 (AMAZON-02) (AMAZON-02)
1	34.254.48.82 34.254.48.82	16509 (AMAZON-02) (AMAZON-02)
7	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:224... 2600:9000:224a:d400:b:bed1:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.66.248.24 18.66.248.24	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
1	18.66.242.202 18.66.242.202	16509 (AMAZON-02) (AMAZON-02)
1	18.66.242.164 18.66.242.164	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	52.139.4.139 52.139.4.139	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.240.134.29 34.240.134.29	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:fb:... 2a02:26f0:fb::5f64:996a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.245.59 18.66.245.59	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
1	52.212.232.57 52.212.232.57	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
2	65.9.78.2 65.9.78.2	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.0.33.234 23.0.33.234	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
9	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9969	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.215.5.235 18.215.5.235	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:fb:... 2a02:26f0:fb:5aa::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 4	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
10	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9951	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.194.29.203 54.194.29.203	16509 (AMAZON-02) (AMAZON-02)
1 5	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c23c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	40.76.174.66 40.76.174.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	40.91.78.9 40.91.78.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
351	83

55 143.204.98.39 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.248.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-75.dus51.r.cloudfront.net

e377.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:451 (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.248.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-22.dus51.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.91.210.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-210-140.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.101.193.104 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.157.4.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-110.dus51.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-43.fra56.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.48.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-48-82.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:224a:d400:b:bed1:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

beijijngmedals.thecanadianpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.248.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-24.dus51.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-38.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-202.dus51.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-164.dus51.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.139.4.139 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

data.ontario.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.134.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-134-29.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:fb::5f64:996a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.245.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-245-59.dus51.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.232.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-232-57.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.78.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-2.ams1.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

torontostar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:fb::5f64:9969 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.215.5.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-5-235.compute-1.amazonaws.com

vguamh182d.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

pr.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beap-bc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:5aa::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:fb::5f64:9951 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.29.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-29-203.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.141.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c23c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.76.174.66 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.91.78.9 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	thestar.com 3 redirects www.thestar.com — Cisco Umbrella Rank: 49527 e377.thestar.com — Cisco Umbrella Rank: 188094 images.thestar.com — Cisco Umbrella Rank: 74311 resources.thestar.com — Cisco Umbrella Rank: 152667 misc.thestar.com — Cisco Umbrella Rank: 546329 s.thestar.com — Cisco Umbrella Rank: 187767 api.thestar.com — Cisco Umbrella Rank: 206968	2 MB
30	googlesyndication.com a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	255 KB
24	sportradar.com widgets.media.sportradar.com — Cisco Umbrella Rank: 108649 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 292767 img.sportradar.com — Cisco Umbrella Rank: 112776	684 KB
18	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 9099 query.petametrics.com — Cisco Umbrella Rank: 9950	67 KB
17	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 245338 ad.doubleclick.net — Cisco Umbrella Rank: 167 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	196 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	86 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	221 KB
10	thecanadianpress.com beijijngmedals.thecanadianpress.com — Cisco Umbrella Rank: 179098	318 KB
9	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654 pr.ybp.yahoo.com — Cisco Umbrella Rank: 721 beap-bc.yahoo.com — Cisco Umbrella Rank: 649	5 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 32314	26 KB
6	permutive.com api.permutive.com — Cisco Umbrella Rank: 1845	1 KB
6	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 350	6 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4387	110 KB
6	moatads.com sejs.moatads.com — Cisco Umbrella Rank: 4368 mb.moatads.com — Cisco Umbrella Rank: 567 z.moatads.com — Cisco Umbrella Rank: 330 px.moatads.com — Cisco Umbrella Rank: 390	145 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	124 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	218 KB
4	clarity.ms 1 redirects d.clarity.ms — Cisco Umbrella Rank: 2006 c.clarity.ms — Cisco Umbrella Rank: 693	24 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 331 c.bing.com — Cisco Umbrella Rank: 212	13 KB
4	pinterest.it www.pinterest.it — Cisco Umbrella Rank: 104205	15 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 436	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 263	40 KB
4	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 591 analytics.twitter.com — Cisco Umbrella Rank: 468	1 KB
4	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 49806 elb.the-ozone-project.com — Cisco Umbrella Rank: 9924	311 KB
3	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 810 www.pinterest.com — Cisco Umbrella Rank: 1008	1 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 802	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 187 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 186930	5 KB
3	ontario.ca data.ontario.ca — Cisco Umbrella Rank: 471336	89 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
3	t.co t.co — Cisco Umbrella Rank: 456	534 B
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 667	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	425 B
2	google.it adservice.google.it — Cisco Umbrella Rank: 43233 www.google.it — Cisco Umbrella Rank: 19885	1 KB
2	amazonaws.com vguamh182d.execute-api.us-east-1.amazonaws.com	17 KB
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 427 as-sec.casalemedia.com — Cisco Umbrella Rank: 1146	801 B
2	gstatic.com fonts.gstatic.com	72 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2498 p1.parsely.com — Cisco Umbrella Rank: 1996	26 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	districtm.io hb.districtm.io — Cisco Umbrella Rank: 70016 dmx.districtm.io — Cisco Umbrella Rank: 1164	346 B
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 218173	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	11 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1467	125 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1387	8 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 372	849 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 716	14 KB
1	openx.net torontostar-d.openx.net — Cisco Umbrella Rank: 265956	438 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	543 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 739	328 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 881	517 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 618	39 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 57230	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 228246	487 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 177569	440 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 171886	139 KB
351	60

	Domain	Requested by
55	www.thestar.com	3 redirects www.thestar.com
17	query.petametrics.com	www.thestar.com
16	tpc.googlesyndication.com	www.thestar.com securepubads.g.doubleclick.net a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com cdn.ampproject.org ad.doubleclick.net tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.thestar.com ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
12	images.thestar.com	www.thestar.com
10	s0.2mdn.net	ad.doubleclick.net s0.2mdn.net www.thestar.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	beijijngmedals.thecanadianpress.com	www.thestar.com beijijngmedals.thecanadianpress.com
9	uswidgets.fn.sportradar.com	widgets.media.sportradar.com
9	e377.thestar.com	www.thestar.com e377.thestar.com
8	img.sportradar.com	www.thestar.com
8	resources.thestar.com	www.thestar.com resources.thestar.com
7	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
6	www.google.com	2 redirects www.thestar.com a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com tpc.googlesyndication.com
6	c2shb.ssp.yahoo.com	js-sec.indexww.com
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thestar.com
6	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	www.googletagservices.com	www.thestar.com a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com pr.ybp.yahoo.com www.googletagservices.com s0.2mdn.net
5	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
4	www.pinterest.it	s.pinimg.com www.thestar.com
4	secure.adnxs.com	js-sec.indexww.com
4	fastlane.rubiconproject.com	js-sec.indexww.com
4	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
4	misc.thestar.com	www.thestar.com misc.thestar.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	googleads4.g.doubleclick.net	ad.doubleclick.net
3	googleads.g.doubleclick.net	www.thestar.com www.googleadservices.com
3	unpkg.com	2 redirects www.thestar.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	data.ontario.ca	misc.thestar.com
3	analytics.twitter.com	platform.twitter.com static.ads-twitter.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
3	t.co	www.thestar.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	c.clarity.ms	1 redirects
2	d.clarity.ms	bat.bing.com d.clarity.ms
2	px.ads.linkedin.com	2 redirects
2	px.moatads.com	www.thestar.com
2	ct.pinterest.com	s.pinimg.com www.thestar.com
2	ad.doubleclick.net	www.googletagservices.com www.thestar.com
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.facebook.com	www.thestar.com
2	pr.ybp.yahoo.com	www.thestar.com a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
2	a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 10230056.fls.doubleclick.net
2	vguamh182d.execute-api.us-east-1.amazonaws.com	beijijngmedals.thecanadianpress.com
2	api.thestar.com	www.thestar.com
2	fonts.gstatic.com	fonts.googleapis.com
2	s.thestar.com	resources.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	fonts.googleapis.com	misc.thestar.com client
2	connect.facebook.net	www.thestar.com connect.facebook.net
2	z.moatads.com	sejs.moatads.com www.thestar.com
2	ib.adnxs.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app js-sec.indexww.com
2	torstar.blueconic.net	e377.thestar.com
2	static.ads-twitter.com	www.thestar.com
1	c.bing.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	alb.reddit.com
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	www.pinterest.com	1 redirects
1	elb.the-ozone-project.com	prebid.the-ozone-project.com
1	beap-bc.yahoo.com	cdn.js7k.com
1	www.google.it	www.thestar.com
1	s.yimg.com	a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.js7k.com	pr.ybp.yahoo.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.it	securepubads.g.doubleclick.net
1	dmx.districtm.io	js-sec.indexww.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	torontostar-d.openx.net	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	p1.parsely.com	www.thestar.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	hb.districtm.io	www.thestar.com
1	js-sec.indexww.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	mb.moatads.com	sejs.moatads.com
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	torstar.gscontxt.net	www.thestar.com
1	platform.twitter.com	1 redirects
1	sejs.moatads.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
351	97

This site contains links to these domains. Also see Links.

Domain
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-09-20` - `2022-10-19`	a year	crt.sh
*.the-ozone-project.com Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
bc.thespec.com Amazon	`2022-01-26` - `2023-02-24`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.blueconic.net Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.prmutv.co R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
api.permutive.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2021-02-15` - `2022-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.thecanadianpress.com Amazon	`2021-07-30` - `2022-08-28`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn-stackpath.petametrics.com R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
data.ontario.ca Entrust Certification Authority - L1K	`2021-10-01` - `2022-10-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
widgets.media.sportradar.com R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.liftigniter.com R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-20` - `2022-08-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2021-11-16` - `2022-12-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
fn.sportradar.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-07-22` - `2022-08-20`	a year	crt.sh
*.google.it GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-31` - `2022-03-23`	2 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
img.sportradar.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.ozpr.net Amazon	`2021-06-07` - `2022-07-06`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: 61A5936C8303249E4602682D85F92D6C
Requests: 250 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 37F83495A11D3C9B343DA52B1512D703
Requests: 1 HTTP requests in this frame

Frame: https://beijijngmedals.thecanadianpress.com/
Frame ID: 5CDF6210FDDF2F6C555226AE2088B37D
Requests: 12 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Frame ID: 69B8F4FF58BA4C47417625A52F825ECC
Requests: 9 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: DBB6A924005E9AD5ADDE0730DD8368FE
Requests: 1 HTTP requests in this frame

Frame: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 10244B22B52DFBD10E64E05EE3A06F91
Requests: 1 HTTP requests in this frame

Frame: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F16C428D1F1E1AAAD7954A6FB39363A3
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 073E655DD33CF594F3EF3648EA6DC0AC
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: BAA680355B1683F831B103F8FFF3CDF8
Requests: 14 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: C6722273D7A833CE3147514085764042
Requests: 2 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N955713.3624834DISPLAYVERIZONMED/B22262727.276130212;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=716780864;ord=ttml4i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCbvXURkcKYp-UOMHB3gPam7DADaCA3Ktc-q22heoGwI23ARABIABg_YKRhOgRggEXY2EtcHViLTgxODg0MzE0MjU1MDk5OTfIAQngAgCoAwGqBI4CT9DGN4eBNXT_zE5yLCLCXPMm1L1EHe8Bu33FV5KVC-6Sn_mdvf-9GDzsQiKwkELu_jTPT4ehmptm4NZkv5LyrR-OyTBclGzoKTIWD59NOHvjdQgtl2TYN-NIo3A6khrjih2DqNGMBzjN8GbPF7LyHj2TAyFuy6TusDO7XDE8WnN-XB3PGTizR-cUzZj2opn30ZbeEt5V_9aCLBbL8VY-N_3V8ecnw1APJequ2OfMAf1Afe8PmGjEYMADeTFv30PmePA647GbvZTe1xHeHxROEjbTLssamlMUTXO0bc-LDJyEvfsruxF8PURqvumKs3KN3f-dNhtx-l5KhujdVDJukGUPB5tCW94JKHAcd8NG4AQBgAai2eOBtKa2xO8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08mX0g3h0dV-C29KQt3BhOHTrEeQ%26client%3Dca-pub-8188431425509997%26adurl%3Dhttps%3A%2F%2Fpr.ybp.yahoo.com%2Fcj%2Fcd%2FAHHofuxjSPQPt-4oKtx_E2r3QfXb7e71-WgPv6rUrSts8C9-BDP2zCljeptUnqZpbg0f6PIsMNZulnYxyghZErpTI_apN9VcP4hfGma_yjGlaPZfzKWTxkg1aYGamXQokxUfzOnQZAwlg-ptVtV7vA4KD5O345RPDuK4_mQDdnvHFWmZo0DQknYY5WrfWf7YR2V9psn8YaVXPM8GdOwXrxygJM172Hi6mLs2ScPW5JV-fVfPgZTBp2ieT1PB6mTY704-TAhi_UUhb29one4s3YpImho5G41J%2Frurl%2F;dcopt=rcl;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.thestar.com%2F$0;xdt=1;crlt=RDZc1tD_(!;sttr=207;prcl=s
Frame ID: 3AAF41F19C4BF48AA5C93BCF6C7CCBD5
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ECE99AFEE69F9580E75ABE274185CF67
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8FCAD9C7B54243B09E5FF95323D1985E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
Frame ID: 349A35F7F4CE31DDE10CB447DE6EF1E4
Requests: 9 HTTP requests in this frame

Frame: https://www.pinterest.it/ct.html
Frame ID: 999FC529BEBA76ED6E185E27BEC5829B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 728FED59B6043491EA9EE58652E74014
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD63A9C8A1405188D097BCC2E9976FC8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thestar.com | The Star | Canada's largest daily

Page URL History Show full URLs

http://www.thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

351
Requests

96 %
HTTPS

38 %
IPv6

60
Domains

97
Subdomains

83
IPs

9
Countries

5901 kB
Transfer

19058 kB
Size

80
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 91

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1644840774980&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840774980&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=

Request Chain 94

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.4 HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 105

https://cm.everesttech.net/cm/dd?d_uuid=76553084876567545331039792265391362160 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAHfNAwQS

Request Chain 187

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 255

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 256

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 264

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 321

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.it/ct.html

Request Chain 338

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1644840780953%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQIZ5YsjL1PX6wAAAX74Jn9VvZkHLS3bQIptDVKE1rQEkmlDJz3qdi5yB7B2-VhPYzmJeQ

Request Chain 342

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=25BC2D46511C489189A85CC59E851A98&RedC=c.clarity.ms&MXFR=33CA9CECD4D662680F2C8DA7D0D66CE1 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25BC2D46511C489189A85CC59E851A98&MUID=15D283BF3ADD63341CB992F43B2C62AE

351 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://www.thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

407 KB
76 KB

51ms
50ms

Document
text/html

143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

129f20562669ea1f821116733d7575bd3889de52ccccc98517064605b722458e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Mon, 14 Feb 2022 12:11:57 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://amp.thestar.com
x-powered-by: Express
etag: W/"65c25-rVokLtCxYnN9q3JAZ9Wt8zUnO3M"
cache-control: max-age=180
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1ZFZ6BkuddzuOZUaADcHlKMalWsz0Xeb73haPyx8KnpdwaV715Gt2Q==
age: 54

Redirect headers

content-length: 0
location: https://www.thestar.com/?redirect=true
server: CloudFront
date: Mon, 14 Feb 2022 12:12:51 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 65nQgNZufkgkfWLOHQABUa4eAsJ6733oPI7PweVDximxjrfp0gzaDA==

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 45ms
44ms Font
font/ttf 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:40:23 GMT
content-encoding: gzip
age: 2137
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"6028-17eda5f9808"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DsRwbhkYw1FlgrzNEm-EgvQHxBfZ3RNo7pvIY57a3qAig3mSA_cIWw==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 106ms
104ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:06:08 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 7603
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"478c-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: q30nMNF86zY8J22NSc0hgEHY8g8R7OC8ue3t8cKoN1SB5RP94EuJaw==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 64ms
61ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:04:04 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4764-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: aJC91UkMw8NLNhqDYez7DDOGprG2D39BadU_Ze2h2oCiWjdzAw0gfg==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 82ms
79ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:54:58 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4a6c-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: -j9CW60oBjd-1_YzJjEOBFxIoTdqBaEv-wJ4ZuSp0uTNwWn-cPQfgA==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 98ms
96ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:22:51 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4930-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7l1cK1mSiCyZsD7CjcAlQvtLDkEN4tYN6bdMCijYfD8I3ykev1h1Vw==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 86ms
84ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 08:15:54 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 14217
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d6f8-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: r2JPtLFh0J34PS3GDbJTf4q_AuQQRjCvwBjt5psySkFPg6T60Woegw==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 68ms
66ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:54:58 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d1a0-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7UXzZMvG136pMGAl9UGT9olniJTa0UNf8n1raVM8dD11MdcK1FKmSQ==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 49ms
47ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:44:49 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 1682
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"dc3c-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: BZhGD3TedXLXS4IgbeJJF_tGFHI3RHW9Jb_U-iX-CVgZfvEEnKQJSg==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 98ms
96ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:46:09 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 5202
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d610-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: tQAd04WF-XukoSZrZ_I6rW2BbquKe2bACILlG_gsDRq1vxAw_V8xdQ==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 106ms
105ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:43:48 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 1743
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d420-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Vtr53sorsA2GNISKxxcxzpASWrrckyxyKjfvPO_BwIIMzF81Y_DmEA==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 3 KB
3 KB 124ms
28ms Script
application/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cfc07da9f01386f868f0b0baa0339bfcdcd1432fe97428b5285767cc93f932d4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 17:40:01 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:38:01 GMT
server: AmazonS3
age: 66854
etag: "b1f6929a77910bdc7794068149f9654f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3016
x-amz-cf-id: JK0YDzUlzzSiLPx1bmmRtpvAjpoDYVWIScOT17oVGGwSCAHeelRFxw==

GET
H2 200 script.js Show response
e377.thestar.com/ 138 KB
41 KB 123ms
33ms Script
text/javascript 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

764cb0379bb5cba7cbb9c93f087311ad085eba193b7f7c87e830bc36ff93cd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 17
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41116
x-xss-protection: 1; mode=block
last-modified: Sun, 13 Feb 2022 12:38:20 GMT
server: -
etag: 9aa681b056b6ae2d1fa7a158cc77ef84
content-type: text/javascript; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: VRfPK4LMIQvxqIOt-Xfw1x4DPvMqc2nOWB58A71-n9SnDfpusVheWA==
expires: Mon, 14 Feb 2022 12:22:34 GMT

GET
H2 200 71.css
www.thestar.com/static/ 8 KB
3 KB 102ms
101ms Stylesheet
text/css 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

94cfaac981ccf7963e55f283105d631a56210fe50af228fcffc63a5db2143114

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:56:14 GMT
content-encoding: gzip
age: 62197
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"205b-17eda642418"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: J5C7R7L616cPXF5dIoa_IEmPL8RB-ZIGTytKjZiyxLqDLZ9o-2BZMA==

GET
H2 200 bundle.css
www.thestar.com/static/ 434 KB
56 KB 102ms
101ms Stylesheet
text/css 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=30223624a80ae0acc4e0

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

1c20718b1c0169fd62a400dad810f15e4e064ed3129356cdc8ac21c0b6c96ccd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:56:14 GMT
content-encoding: gzip
age: 62197
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"6c991-17eda642418"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IRX8rfE4UcU9Kh6j2i_9DUgmRthaTIypM0wyadWeBQ_MYGG6vHBJcA==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 478 KB
139 KB 111ms
68ms Script
application/javascript 2606:4700::6812:451
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549fdc6034c005c4d1b62bf971f89636c6032d5e386a089980f06058028a4178

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 1124
x-guploader-uploadid: ADPycdv5caiD4Bll0OXsgwviNdkvTdLkENVE9hgoulqIwUl6WT33WDZUUUYDFI1suI0XJh7h63sB1M78aJRpiC6Smg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Mon, 07 Feb 2022 18:46:53 GMT
server: cloudflare
etag: W/"f0c60d993341c7c771224dee6a80f92b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=agsjcw==, md5=8MYNmTNBx8dxIk3uaoD5Kw==
x-goog-generation: 1644259613262659
cache-control: public, max-age=900
x-goog-stored-content-length: 146548
cf-ray: 6dd63506ba4f374a-MXP
expires: Mon, 14 Feb 2022 12:27:51 GMT

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/torontoprebidheader623296055317/ 247 KB
86 KB 104ms
46ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 668e63028ea3fcd991fdc6ba68efe5684dcd3762cdcf355ee8f502ee75f8318a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:51 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: 8V4BBEX3MQ7AQBMP
ETag: "521bfcbd7c2e1d437f33711131ef9759"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35311
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 31aoAems2kzDP6+J0m4A0VLCLISLASmuDZEOdHMJSn5OZanLheHi45c0Rm7p8t9mwaI6asxBohM=

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
468 B 98ms
98ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:19:30 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 10401
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"16-17eda5f9bf0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: RSh32BArTDH3WthrN4ZLmPvqSSSr_DYpm4IHozFpxVE0PLmY5_uXxA==

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 43ms
42ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:55:37 GMT
content-encoding: gzip
age: 4634
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"1df3-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BxBs62Z-ibOsLLGy0CqR8IZR9_HPmS5w3L7ZlxpR6nxbxiTIidtZuQ==

GET
H2 200 loading-spinner.svg
www.thestar.com/assets/img/ 3 KB
963 B 48ms
47ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/loading-spinner.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:15 GMT
content-encoding: gzip
age: 4597
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"d54-17eda5f9808"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rRUkd-0PEaL8PI4Ss52PxOWnKwEt8MT2b3xjdutp2oMuJq88QayXzQ==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 44ms
42ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:15 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 4597
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"24d-17eda5f9bf0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: iQQh0nAI95YEo20GmW9tVeyIXl7vVhU8wNG5Jv-TdHZUMMFcv0mv_g==

GET
H2 200 logo-thestar.svg
www.thestar.com/assets/svg/ 2 KB
1 KB 43ms
43ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:15 GMT
content-encoding: gzip
age: 4597
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"73e-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: j8RkDjSYQhCrMMFILEo5L08_QLPgP6Mx6CMIEBhlYcQxi1Yp49KzhA==

GET
H2 200 Micallef_Shawn_logo2015.JPG
images.thestar.com/Ec-JCzPee8njjGORajU4_RaL1J4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 103ms
28ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Ec-JCzPee8njjGORajU4_RaL1J4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Micallef_Shawn_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2de1673186c399634f6f6abf9ca0922a014401cffe1ff71021e955475ab3d36a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 13:02:51 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 11142601
etag: "ad8cee3e125cf0dde446ab8c3f5f3bd61bfc2b65"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 2809
x-amz-cf-id: LsjBqUu2GyerFpWu5B-ZJMZ82nAMxXq5osQflNB-um07-iaJwfgUcA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DiManno_Rosie_logo2015.JPG
images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 102ms
29ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/DiManno_Rosie_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 08:47:35 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 2258717
etag: "4e821b61fc91fae540b114d909a38e3e1f364024"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 2989
x-amz-cf-id: qye1mCa5QWkRhm68jfQGLjejbZenWhj3nIjJo6i9M3hSWFsboTtV0w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hebert_Chantal_logo2016W.jpg
images.thestar.com/zcriBH5GetcognR9ZhuQd39SFW4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 104ms
31ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zcriBH5GetcognR9ZhuQd39SFW4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Hebert_Chantal_logo2016W.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f1c7fdb6522522eef3c947243ffca58854dfbca9987adb0f49696a4a51cfd3a7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 20:18:52 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 2044439
etag: "681869e137181289e268ede0253e6a195f3049fb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 3071
x-amz-cf-id: yYgEkLfR0G1H5ca7_1YBnlb0gw6o5zNODflQ27-XjYpHDs1f4df4Pw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 beijing-2022-badge-01.svg
www.thestar.com/content/dam/thestar/static_images/sports/ 8 KB
9 KB 154ms
139ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/content/dam/thestar/static_images/sports/beijing-2022-badge-01.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 () OpenSSL/1.0.2k-fips Communique/4.3.3 /

Resource Hash

c8f14842bf6b55eed43d7188fc849f03f6bd0a2c2285587b4fc3ed9c3671b2bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 31 Jan 2022 20:39:32 GMT
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips Communique/4.3.3
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
content-disposition: attachment; filename="beijing-2022-badge-01.svg"
accept-ranges: bytes
content-length: 8534
x-amz-cf-id: gIoD0bhSc-flOQMP797NtXfvJ5dVcGZcysa1jQ9i3KPMAIeBeAqRzg==
expires: Mon, 14 Feb 2022 12:27:52 GMT

GET
H2 200 brandmark-thestar.svg
www.thestar.com/assets/svg/ 263 B
703 B 87ms
72ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/brandmark-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:24:51 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 2881
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 263
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"107-17eda5f9bf0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: kppDSRKBcSR1bcu-NVnG_OIvtCCgcLiRWmIAIL0lq6Ox8JBkMmbXDg==

GET
H2 200 app-store.svg
www.thestar.com/assets/svg/ 8 KB
4 KB 88ms
73ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/app-store.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:41:19 GMT
content-encoding: gzip
age: 5493
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"1e63-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uXjg4LWQ7OAQR2TxYbFtw2ZG1DSvfz_v4JWcYW5XavyjflgPwt92aA==

GET
H2 200 google-play.svg
www.thestar.com/assets/svg/ 10 KB
5 KB 87ms
72ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/google-play.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:37 GMT
content-encoding: gzip
age: 4575
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"2859-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: icrD-HNvPONm_1D8hQrhzTfbfnQAtSwPz2CltTxCWhu_gd0oGA4D3A==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

153ms
26ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 01:07:27 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000171-IAD, cache-fra19149-FRA

Redirect headers

x-tw-cdn: VZ
Date: Mon, 14 Feb 2022 12:12:51 GMT
Server: ECS (mil/6CF4)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Server-Timing: "x-cache;desc= ,x-tw-cdn;desc=",edge;dur=5
Content-Length: 0

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
566 KB 45ms
31ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

deda314c90a4d526810b243c21f4ffead204494dd210f555c6e0fdc4a079fa50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:39 GMT
content-encoding: gzip
age: 133
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"202f5e-17eda642418"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: o8YhncYWxDT1fkB-aXm_ulYc-mzUd4xzCv-hKrsA0xswoD0V-vM2WQ==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
238 KB 46ms
31ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=e4224147

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

1831b0f5a624f145d4e73d1c77e20bf9a28507ddd45ee72ff863f9b6b811f424

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:39 GMT
content-encoding: gzip
age: 133
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"133a27-17eda642418"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OJkmZudkzDtFTjm2krXnD1rDnLI-4D1F7U06swTa1JTfGUwDpGT7ow==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 302 KB
302 KB 42ms
27ms Script
application/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37aca04722332249aff198c2e1eb824ef37451464af75f554b0177d77a799ad1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:43:31 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 02:00:19 GMT
server: AmazonS3
age: 27596
etag: "f37276593b9dd6b7b58269863ae2d9e4"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 308871
x-amz-cf-id: 0MaBl0w3hhQpAzunQrYjsfmdOON9PdeXppR_3KUwQlQpQZxcVNl2dA==

GET
H2 200 ozp_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/thestar/ 4 KB
5 KB 42ms
28ms Script
application/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/thestar/ozp_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18ed9d8d422203c7a87e2e75898e778588f2c8a923164f15f78a8b9390679e4a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:43:31 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 18:36:20 GMT
server: AmazonS3
age: 27385
etag: "982a4b6796b706473d315badc5c6d5e8"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4521
x-amz-cf-id: WWhVaJ9y3QkeS95GrNvo-A4T68X34IfEolMpJMO51VlRNNi03ojEJg==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
698 B 345ms
110ms Script
text/javascript 3.91.210.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json596

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.91.210.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-210-140.compute-1.amazonaws.com

Software

- /

Resource Hash

4951df05a0885c3d6357037d0641e950c8272abc55f8aa7d9be23296bdc29b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 362 B
440 B 550ms
38ms Script
application/javascript 158.101.193.104
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.101.193.104 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8427bc5f38727831b33ee14188e5b1d4a95185b5c0eeae85d4fcc77c5ec3dc29

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 362
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 317 KB
69 KB 119ms
31ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43e97e5d45f33c232bdf7848baac24ce64370ce733ad8642a3827e629a853af5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:06 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:32:01 GMT
server: AmazonS3
age: 2447
etag: W/"de657f1c6428dacabc408696f7427fa1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 0UTJb6IkrHJ_z9qjQveUc9iK1OhgteGK
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: g4X60vUm9Z1lZoHj6X7dF9E1TtSGYZMzWQ-4OSRHeH-HKKLskCu1pA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
72 KB 108ms
42ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f6a73925080491e2ef18dd078e6485b9e6b10e6ee2da5e8f8325939e940f616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72739
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 91ms
56ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: f3c2cd094ac4567cde5c7bf7c3737e35cdf1278e0f30ff78f965d32445942ca3

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 39ms
37ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: de5be5e24c2d64db9fdd8a0f48e6d9ce6f792bf62e4e2baaf8e8449acc7c367a

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:57 GMT
server: gfra1
etag: "620a3a65-e85"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3717
via: 1.1 google

GET
H2 200 opa-3d1a80cbbc4fdc4472eae80c14d918ad.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 103 KB
27 KB 28ms
27ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d71cd26a8d15e08c1bbf30862aea8c3f7b66db1ec5ca08c67d7ff1e03b4ad4eb

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:53 GMT
server: gfra1
etag: "620a3a61-6ab2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27314
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 117ms
112ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=DA7E155D6B7CEDE89E85B0EFD62AED69E&h=3c3db07b9522e8fbb436ee35a55e4a58&r=0.5610721639539227

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:52 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
487 B 95ms
37ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 98f3d3dbfcfc54be62df959f1318109331e8cc1f1bff5e9a68eec73e0241b650

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
693 B 104ms
41ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:51 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 70166097-6988-4e2c-b8c7-de2581440ecd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 219 B
438 B 107ms
35ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 40eed9f30c5cf0d5e3e051f8bc376a13f6025f628ad9795d8177c96ccb14cfdd

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151
via: 1.1 google

GET
BLOB 200
OK 5ee2a5a5-ff57-4a91-9c5f-23560f5bde83
https://www.thestar.com/ 270 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/5ee2a5a5-ff57-4a91-9c5f-23560f5bde83
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e88d5f263945d9341d3180cdab77d99915a1ab21962fabc4312f9ed09a1a0448

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 276588

GET
BLOB 200
OK 35370733-b6d9-4ed2-b719-49033c1d21db
https://www.thestar.com/ 19 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/35370733-b6d9-4ed2-b719-49033c1d21db
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9b392e587ae017404e8c563131cf72e306fe94c2e1ad9cd077dc43e4c1bc84c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 19525

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 134ms
41ms Script
text/javascript 18.66.107.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-107-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 14 Feb 2022 12:10:42 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 130
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: K9ALoklDVecEJlZpL6zlr7gk_7K6-q1BtWtmKZ_Qhm4cm8nhg_4JyA==

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
358 B 74ms
41ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 3c7f38420d54fbc003df9c55442eb8d4e3fea47dbcc036f5705e26c790876f87

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 3 KB
3 KB 178ms
63ms Script
text/html 34.254.48.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-DaqaxDFvVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-7pu29h1deVpMDA%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&rx=606547873271&callback=MoatNadoAllJsonpRequest_16405431
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.48.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-48-82.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 4f0b2a20ec21fcfec02cd01107acc1e6311be5467f1c504bfe6f306edc349480

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "3a08236d9a6a55803a617986d686c1f5f381e0d8"
content-length: 2954
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 37F8 1 KB
2 KB 83ms
30ms Document
text/html 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

x-amz-id-2: tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id: 7Y2H1YDSCY2G4ZCG
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=1296
date: Mon, 14 Feb 2022 12:12:52 GMT

GET
H3 200 vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 219 KB
62 KB 28ms
27ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e405c0d0ab8c71073b5d5f4bac965a420738c11b580602dd5bb76fcd7ca41c7a

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:57 GMT
server: gfra1
etag: "620a3a65-f98a"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63882
via: 1.1 google

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 1298ms
53ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:53 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK 181778-254412191205210.js Show response
js-sec.indexww.com/ht/p/ 139 KB
39 KB 795ms
707ms Script
text/javascript 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Feb 2022 12:10:45 GMT
Server: Apache
ETag: "764ad2-22b48-5d7f94e6930ee"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39661
Expires: Mon, 14 Feb 2022 13:12:52 GMT

GET
H2 204 ron.torstar.js Show response
hb.districtm.io/prod/101918/ 0
268 B 85ms
34ms Script
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/101918/ron.torstar.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6dd6350acec8f91b-MXP
access-control-allow-headers: Content-Type, Origin

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 93ms
87ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 56757E705A66F527
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53727
accept-ranges: bytes
content-length: 54912
x-amz-id-2: PYfLxEWNlwDZ6lCd2UgASgx/6g8HWZPln2hsAZjqzoBk+Jl2tpaR4z8otmipVkvgioLaZjNYc24=

GET
H2 200 / Show response
beijijngmedals.thecanadianpress.com/ Frame 5CDF 2 KB
2 KB 518ms
432ms Document
text/html 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33588a91c0a35528645dc3f8117443e5c00c70bba1de6ac0132818e1cd6f7ef7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/html
content-length: 2128
vary: Accept-Encoding
date: Mon, 14 Feb 2022 12:12:53 GMT
last-modified: Wed, 09 Feb 2022 20:07:16 GMT
etag: "5386f322030b5a342e33d6597feb9507"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: a6jKK1jdcMRAbkaGI7JhYKuaiHt8QNzJsNW4YL7Y5xyq5ufKzdLHsw==

GET
H2 200 hp-widget.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 69B8 23 KB
6 KB 102ms
36ms Document
text/html 18.66.248.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-24.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 542371cadac2900fe706a2cb72ef579531e1fd5c4035dce4da345ddaadcbe05f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/html
last-modified: Fri, 31 Dec 2021 18:56:00 GMT
x-amz-meta-version-id: Yu_xc7TW93J_peac1Z2v4Y.D22xnV9CW
x-amz-version-id: FXr.crfz3DTu50xCded7GEEku5dpffZ8
server: AmazonS3
content-encoding: gzip
date: Mon, 14 Feb 2022 12:12:52 GMT
etag: W/"085e4d6b945679e45e8c1b6008c083e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: L6PpSHal9g90xPkR6uanOjXqB5LUs4Sh4-I3st3_SJyN3n3GFaWa3w==
age: 217

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 83ms
78ms Image
image/svg+xml 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=30223624a80ae0acc4e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=30223624a80ae0acc4e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:28 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 9443
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"2bf-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: -44N7My9ue9a3YD2q2WGVhLksQ_JR43hO_8nAwTkldllxYas13P5Hg==

GET
H2 200 material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 101 KB
102 KB 65ms
64ms Font
font/woff2 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:09:32 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
age: 200
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 103852
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"195ac-17eda642418"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: eYvrc3kRErEFJrXeC51eCxcbMge7NVjra-DZ0HtjtYltWPayBRS6fg==

GET
H2 200 star-icons.ttf
www.thestar.com/static/ 21 KB
12 KB 70ms
69ms Font
font/ttf 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/star-icons.ttf?152ecd4302995eadca31c37662f7ecd2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

3817de7ee89900b5db3dc77bec5e75b9d44feea7ab19e7d409092da3c09eb870

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:11:19 GMT
content-encoding: gzip
age: 93
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"5254-17eda642418"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7pX6-2x9DUj4i7HumloE1YzkBKp7ezGTYXEYaBuri9s-DwpuBio5nQ==

GET
H2 200 adsct
t.co/i/ 43 B
336 B 231ms
142ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3ed62e2d-7f71-416d-b95e-f79bf2ad81c3&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 14 Feb 2022 12:12:51 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6a206228d4f08ebfdc9c03440856ddb7d65ea43a6ee1b0296e5d2d23ae1738a0
content-length: 43

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 117ms
35ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: iMA75Ab0p6hS8sQrQhSvv8Z6m8mRKhYFtG6QLPccaTOOGC0Dw3MDk0XYcWJG8URlm+/p+mR2ej+McTbkH74g3g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 14 Feb 2022 12:12:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 90ms
28ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 01:45:12 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 37660
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: oclwZGoMxiunyhp1sKExpoqL1zo9o7jNlYSxpL2Hr6vOhXNzUHOu6A==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
517 B 436ms
377ms Image
image/gif 18.66.242.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-202.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: FzkIaYBRAm3eQgN3GD31qSYnoHJlLegoBDtRAIYXb7hJz-yXqqu4og==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 87ms
27ms Script
application/javascript 18.66.242.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-164.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 21:36:01 GMT
Via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
Age: 52611
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: FIw_tbtGq6Zo8AJ-5cIBJ8Gy47OfO2GzXr9Rs_8x3BOCw4jTgBT64Q==
Expires: Mon, 14 Feb 2022 21:36:01 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 157 KB
46 KB 63ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=456900
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3ca4ba239ed2d8c05925a84d13a62b52aa0abecccede81e4db5d583ba4d3539

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 02:39:47 GMT
server: AmazonS3
x-amz-request-id: GGS6CJCE8HHX56EG
etag: "1092116463757aa17ecc0bdb18195ecc"
x-hw: 1644840772.cds209.ml1.hn,1644840772.cds221.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 46600
accept-ranges: bytes
x-amz-version-id: 0uK.FWXfXeZfVgBak_oV1vcH9geYa0PV
x-amz-id-2: ydQijnIG1OETK74UPr9BrkbKbBAk8rYNKepmdDOj+Zy1X43ndWTc+0qhZktHQ0KWN+NSpm4nb/4=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 94ms
34ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 76
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1SHEK4GDX5C40JQ31W22
date: Mon, 14 Feb 2022 12:11:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: H50BkAjAXm0jGd_WvA4Qj2cHQTep7aaKAqeAzCjlvqp4N-2gHQYbmQ==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 286ms
143ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=3ed62e2d-7f71-416d-b95e-f79bf2ad81c3&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
server: tsa_f
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5b2305d6207d76f03beef303dad79e5fca6652763528ebcd2975c5a035b4915c
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 47ms
27ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:53 GMT
server: gfra1
etag: "620a3a61-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 css2
fonts.googleapis.com/ Frame 69B8 4 KB
1 KB 100ms
38ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f4db5659caa6188fbf8fa4d789652351c6b4e115aceed4d97b560e918c53fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 10:32:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 12:12:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 12:12:52 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame 69B8 207 KB
69 KB 40ms
39ms Script
application/javascript 18.66.248.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-24.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
age: 87
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
date: Mon, 14 Feb 2022 12:12:52 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: qDx5OiITBXOg7tkNJgw-VUgaMFKX120U8HhiPheNYqo8GeVVGQbVag==

GET
H2 200 needle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 69B8 470 B
882 B 32ms
27ms Image
image/svg+xml 18.66.248.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/needle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-24.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: PHp84jahms4CJNjldWqFykMudiRkBAyd
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:00 GMT
server: AmazonS3
age: 259
etag: "7b192d8826a89c17b265266118be34e4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Mon, 14 Feb 2022 12:12:53 GMT
x-amz-meta-version-id: MV9uaQT60tDgvyFTmtizWztglNGxBqZN
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 470
x-amz-cf-id: wDweAz4ou1Ssi5_A0qa7LRf--ecfTGbUmU3aq4WLgj1z70qVpLhYrg==

GET
H2 200 greyneedle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame 69B8 465 B
836 B 32ms
28ms Image
image/svg+xml 18.66.248.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/greyneedle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-24.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: jfLD05iZMIZ7gkaEXfKmtY6Chs0LH8kp
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 15:34:40 GMT
server: AmazonS3
age: 259
etag: "7a9e2f9f869c3b5f5c1b0bc84c743854"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Mon, 14 Feb 2022 12:12:53 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 465
x-amz-cf-id: MND4uO5rgdYyQZNgzNWKieOs-MVULLBTIczOyyW9r5KPKprj2LG4Bg==

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 69B8 804 KB
56 KB 528ms
261ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=ed270bb8-340b-41f9-a7c6-e8ef587e6d11&offset=17&limit=1000&callback=getCaseData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5452575314e1670666677df12b99c0b0b0f86fdd6a076e1bdf374e59f36a75c1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Mon, 14 Feb 2022 12:22:53 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 69B8 186 KB
13 KB 559ms
286ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=0f8b343e-fc28-4ca5-9aab-c3a1d2c919f1&limit=2000&callback=getLTCData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 335e965a01427602557c0e4e0407bb012cbebab68012fb57488c62df20eaee91

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Mon, 14 Feb 2022 12:22:53 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame 69B8 184 KB
20 KB 553ms
287ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=8a89caa9-511c-4568-af89-7f2174b4378c&limit=1000&callback=getVaccineData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 143931a05844543ad39fb3df7fbfc9c8411b32fd5bfd1b00f29fe80ff3202c6c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Mon, 14 Feb 2022 12:22:53 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 199ms
51ms XHR
application/json 34.240.134.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1644840774311

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.240.134.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-134-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cd0473ec45841b4eb836d234a511bf567db56e977dabba1771a5e43273d931b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v027-07b513162.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ScVnXrzFTXU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 327
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/ 33 KB
12 KB 37ms
36ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:11 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2442
etag: W/"820eb42f3120ddf65e303b24a8285815"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: vz03mFQIjr.BEzGMOXecgqTlf5QWgol8
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: jUWO8FhHPqHXjQvJ93pqrJdRe1UBGlp7xOZ4vF_mwjfTEasv63yD9g==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/ 3 KB
2 KB 37ms
37ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:11 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2442
etag: W/"abbe69e5c8f385f00652c3d0c2bba347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Rs_uYherBdvpbpMPl1atKolsjOSj8_0j
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: Eq-LQspbjK1bAuyWBlYGpmamNJ40eUk99iOHhxnhs56okRxsFBST9A==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 91ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=e4224147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

951b770da916642daf6f0b6f0591cc13591a2ef2c46a2a2e3a5fd6b992ab1408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27158
x-xss-protection: 0
server: sffe
etag: "1131 / 105 of 1000 / last-modified: 1644840352"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Feb 2022 12:12:52 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
429 B 32ms
32ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:46 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 126
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
content-length: 19
x-amz-cf-id: gMJDwT2SPan6v9uw_IlAsG_4Gw0nbhQCxJZy-2Nv-7fiGnuNhpeLPw==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
428 B 31ms
31ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:46 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 126
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
content-length: 19
x-amz-cf-id: 66rXqJdWy9mi-md4h337b0kqoo6g9QCSpyWogj0qR6eZUzeJf0yqpw==

GET
H2 200 sportssettingsdata Show response
www.thestar.com/api/ 654 B
1 KB 159ms
158ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/sportssettingsdata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

bc92db10eb34954ec128d6db4e88bced94f3579131eddc361bfd60b329619769

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"28e-aCYZh6sTfsPDyWC7f7L+6JETt3c"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 654
x-amz-cf-id: 6HajsY5f6HTDyoo11ZgCVwR3dsDcoe0zya-U61Qo04LlGv0VaOIGLw==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 19 KB
19 KB 31ms
30ms XHR
application/octet-stream 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e150724e787fc57db27606b4a4eedf0947739a1c80c2157340cf28716e753f3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:09:26 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 12:02:28 GMT
server: AmazonS3
age: 207
etag: "512dff0525875b871ab1407b4824ab15"
x-cache: Hit from cloudfront
x-amz-version-id: WwYCmDc5N3c4pfy6klm073nGtBIwNO.f
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
content-length: 19419
x-amz-cf-id: fPHWfQHJB40he2u4jku-8dfXHM_5l54Adf9ahjNOEcFHZLMUFCN9Gw==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 19 KB
19 KB 31ms
30ms XHR
application/octet-stream 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-39.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e150724e787fc57db27606b4a4eedf0947739a1c80c2157340cf28716e753f3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:09:26 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 12:02:28 GMT
server: AmazonS3
age: 207
etag: "512dff0525875b871ab1407b4824ab15"
x-cache: Hit from cloudfront
x-amz-version-id: WwYCmDc5N3c4pfy6klm073nGtBIwNO.f
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
content-length: 19419
x-amz-cf-id: G0rqxR1tCmf-_QqPQqqKsRH00se2eiCtoH0LycSQkNQEBDjysdt5pA==

GET
H/1.1 200
OK widgetloader Show response
widgets.media.sportradar.com/torontostar/ 160 KB
39 KB 621ms
530ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=e4224147

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

0bf24129fdecdf539558d4dc948b494614fdf8647f43231d33d88598ee5299f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "99acc35ca5bd9d93e85da4b58d24da85-0603920f80759006b4feb1c7260e9fe6"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120, stale-while-revalidate=60, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Content-Length: 39835

GET
H2 200 dr_david_gomez.jpg
images.thestar.com/PYtHh080_CTB7f78Kj5Bv71_qYM=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/02/14/catastrophic-surgical-backlog-in-ontario-will-take-years-to-clear-docto... 56 KB
57 KB 37ms
36ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/PYtHh080_CTB7f78Kj5Bv71_qYM=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/02/14/catastrophic-surgical-backlog-in-ontario-will-take-years-to-clear-doctors-say/dr_david_gomez.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c4c935ecfc59904ac85c8316d4234cbb505e9ae3226b99836d1efeb20382e61

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:04:39 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 7694
etag: "8f4f05f11612252b23db9aeff4c399004b864b09"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 57620
x-amz-cf-id: DLhai6t5X_8R9hUqfRpnHHzw1_GGB8FLxRr96TqBoqV4bBYlNmo-Pg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d32eb4fd41b347d8b0b68877805f59bb_d32eb4fd41b347d8b0b68877805f59b.jpg
images.thestar.com/a0cxMgIerHHCy6mMFxQLWsYMF-k=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/13/beijing-olympics-news-team-canada-winter-games-updates-feb-13/ 45 KB
45 KB 69ms
68ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/a0cxMgIerHHCy6mMFxQLWsYMF-k=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/13/beijing-olympics-news-team-canada-winter-games-updates-feb-13/d32eb4fd41b347d8b0b68877805f59bb_d32eb4fd41b347d8b0b68877805f59b.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 183f26ea4fe2c343ae6766e1ccd356a64e75847ee95e3446da0aa2ba634f30c1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 02:01:35 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 36678
etag: "5c6eaf4e5d2bf53d374f2d93e02bb33832f14005"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 45701
x-amz-cf-id: ARZdlSq_QIYxlQ2vcKwWImo3qJpKi1FYqBgVqyJHkgypt4fYHei37g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _1_main.jpg
images.thestar.com/9KJbbXLsDSapJlzChXq9poNfEG8=/690x460/smart/https://www.thestar.com/content/dam/thestar/life/health_wellness/2022/02/13/cold-plunges-are-getting-lots-of-buzz-but-is-it-supported-b... 83 KB
83 KB 94ms
92ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/9KJbbXLsDSapJlzChXq9poNfEG8=/690x460/smart/https://www.thestar.com/content/dam/thestar/life/health_wellness/2022/02/13/cold-plunges-are-getting-lots-of-buzz-but-is-it-supported-by-science/_1_main.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3eb840c90fa2b960a984d3b06f9d59d1b601410b83780df6e2629877dad79767

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:15:25 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 71848
etag: "c45e2dede0a30f034e0ccc392070e7895065fa6e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 84810
x-amz-cf-id: 4cgWSPigYQ9jhrTXyVbSgdmsNIsQaNRa_9_L7uwlbssgTuwmtYl5ew==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220214060224-620a3cb9f028e064db724fdfjpeg.jpg
images.thestar.com/Y2bTn-XLaaLoulWWkg4cJIvZdQc=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/14/canada-taking-the-long-route-in-mens-hockey-at-beijing-olympics/ 55 KB
55 KB 120ms
119ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Y2bTn-XLaaLoulWWkg4cJIvZdQc=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/14/canada-taking-the-long-route-in-mens-hockey-at-beijing-olympics/20220214060224-620a3cb9f028e064db724fdfjpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a0537c11b003a1decb75be22d0d6cc543c48e9c88466b4e35b06b5eaece163e5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:46:02 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1611
etag: "ad913445fc5176cbefb0bddbb4670256e3ebe87c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 55923
x-amz-cf-id: rd31XMOCFndzrfIr7mFs6NnJc4IgyWCPkMtXOEn-GrIyhZf4XpHOOw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 leafs_empty_arena.jpg
images.thestar.com/LOkj0K4HdPT5asPWw8YRitH3BFs=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2022/02/14/inside-the-nhl-win-now-leafs-have-growing-anti-ontario-roa... 48 KB
48 KB 109ms
108ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/LOkj0K4HdPT5asPWw8YRitH3BFs=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2022/02/14/inside-the-nhl-win-now-leafs-have-growing-anti-ontario-roadblock-to-deal-with-plus-tuukka-rask-goalie-class-redraft/leafs_empty_arena.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f9b9e6446d7f175e8589db2fa6d8b787cbfd392331d58b7ec88f32a89c97f75d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:01:47 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 4266
etag: "037a481201d1c64819bc81674a02a998ccf801ad"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 48800
x-amz-cf-id: -RgH1sWwIszfkwrzArXjUKjhr_NjtrTffV6oA9fOEPCI3mBZuQyEqw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1644840774980&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840774980&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%...

0
223 B

33ms
33ms

Image
text/plain

108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840774980&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-38.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: JRLfKo16E5-YMPOjh34swE1J214ypZ67e0VjaI5H18qiNqEdJ1KBdQ==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840774980&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada's%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
content-length: 238
x-amz-cf-id: LP3XX4i7X5aHBFsqqWHVt9Cgbfxaqr56TedODyO4cN2dpKLtaq-Abg==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 127ms
39ms Script
application/javascript 18.66.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-245-59.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Feb 2022 07:38:46 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 15:53:19 GMT
server: nginx
age: 16566
etag: W/"61f805ef-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: lKsb0Okix7mvOK-pla0Z-YGLzFROxWqYJnE-dtbK5bU-7LNd4NnFyw==
expires: Tue, 15 Feb 2022 07:36:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 108ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2279
date: Mon, 14 Feb 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Feb 2022 13:34:54 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.4
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

5 KB
2 KB

30ms
30ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2109378
fly-request-id: 01FSX6QPCMDZA10VHFYP5G8ZJ4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6dd63512ddfc5a25-MXP

Redirect headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSX6QP7TCC7WPN85Q37A3F5H
server: cloudflare
age: 2109378
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dd635125c885a25-MXP
access-control-allow-origin: *

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 10 KB
3 KB 475ms
413ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: fc8ca38053185a62da400a7d81fca39035b7f35202a2b571f1498d553c1b8d98

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 5 KB
2 KB 258ms
202ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: a8ad803f7ba4e78ac76c298f68e69d88ae2ed4d389f9bd6082aaa63e3948828f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 9 KB
3 KB 403ms
353ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 2340dce2ad3d048afe7a502a27b037d87a8ed9a15975a214a4331e2c9b1a8e5e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 6 KB
2 KB 298ms
252ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: f19e5a983188eb634fbb84acd91f52675dd2bae3317fd395f3ddf3254ae83803

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 11 KB
3 KB 393ms
352ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6725f37b7e0989851d8c7f342db0bce8e208703d97c772a408dcd61ae3b822c9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 4 KB
2 KB 403ms
366ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 27aff93119159623e908cc6e5dba2590ac1f35ff51493af0379b09fa355309f8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 13 KB
4 KB 304ms
274ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 5d1be642ce02df3eed902b78843e8a99f383bcccddbf4e0b097672d2c018a145

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
175 B 166ms
133ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=pageview&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2112&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=8&jsfv=nbc&ts=1644840775008&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame DBB6 7 KB
3 KB 212ms
52ms Document
text/html 52.212.232.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.232.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-232-57.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 14 Feb 2022 12:12:53 GMT
DCS: dcs-prod-irl1-1-v027-02c14aa4a.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 19 Jan 2022 13:28:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: B5OaqzzLQsk=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
s.thestar.com/ 48 B
507 B 110ms
35ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=76516464615500737111036690920354384506&ts=1644840775083

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

fbc1f50fa442fc620280705f3c7e9427935ca8cc477dcc85641afbe175421800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-8zhpd
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YgpHRQAAAHfNAwQS
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=76553084876567545331039792265391362160
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAHfNAwQS

42 B
945 B

51ms
51ms

Image
image/gif

34.240.134.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAHfNAwQS

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

34.240.134.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-240-134-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v027-069e5a96a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VzI3II24Qn4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAHfNAwQS
Date: Mon, 14 Feb 2022 12:12:53 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ Frame 69B8 37 KB
38 KB 95ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:57:28 GMT
x-content-type-options: nosniff
age: 548125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 03:57:28 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 5 KB
2 KB 264ms
264ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 3ea558b901b3ec4da6aa20dc9d6d7a9b3c3d26f709218e1421fdf93da7566bf1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 ottawa_convoy.jpg
images.thestar.com/OCoQ8XROCwBj7YEeLTzOferiurc=/0x0:1124x749/114x76/smart/https://www.thestar.com/content/dam/thestar/politics/federal/2022/02/13/ottawa-police-want-more-officers-to-deal-with-truck... 4 KB
5 KB 31ms
31ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/OCoQ8XROCwBj7YEeLTzOferiurc=/0x0:1124x749/114x76/smart/https://www.thestar.com/content/dam/thestar/politics/federal/2022/02/13/ottawa-police-want-more-officers-to-deal-with-trucker-convoy-but-sources-say-there-is-no-plan-for-how-to-use-them/ottawa_convoy.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 925dc37d53806eb1b265cad0eada8d5bcd6413b1c2928c892fc34d9837e4113c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:11:37 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 3676
etag: "69eef91aebd20de21b791fa271604101610339b0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 4481
x-amz-cf-id: vLo6WISR1R2OZbd8sm6YjX5hooHVleWHJLexX_MUfOsd0FBYeQG0rA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 humphries.jpg
images.thestar.com/0nBZlK6AVitN26A8WvYH035nhO8=/330x220/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/opinion/2022/02/13/canadian-turned-american-kaillie-humphries-stands-alone-... 13 KB
13 KB 31ms
30ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/0nBZlK6AVitN26A8WvYH035nhO8=/330x220/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/opinion/2022/02/13/canadian-turned-american-kaillie-humphries-stands-alone-and-slides-alone-to-monobob-gold/humphries.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 41ff31cc2d4480d58bc5c85ee17c1b78392f83825250e87fb9ed40d886e374ff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:02:52 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 29401
etag: "d13f47f77857711842c391c726aab4a8259d9871"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 13418
x-amz-cf-id: _n1pCqBKIJx5MM_TO9sgMB_Mao2O0p8PDQRLP7-5MezuvwsZqJVnbw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 595 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 49 KB
9 KB 410ms
410ms XHR
application/json 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/595?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2022-02-14T12%3A12%3A55%2B00%3A00&ts=1644840775177

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

a43843bf3b49976f0bce77be85e5a753acf6a2035ca44305a516250e08491589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 8208
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: CqWFZjC9FZaEFphUAMs_GU8afC-aJE2RA-v9u1Vk1pK1ZKwBWHHofw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 33ms
31ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:39:40 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
server: Server
age: 1992
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: RxH2otqn9UAZh8MPNgYxTiW3zFdyMvjqtejxP1BtNaI_nUDrbxIeGw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 85ms
26ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 32231
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Mon, 14 Feb 2022 03:15:43 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: DbXL5dvsqPmNpQ6EryrjocboQmFB8JBql1AeqAau-VvzjZfaznl7ZQ==

GET
H2 200 main.c102d52c.chunk.css
beijijngmedals.thecanadianpress.com/static/css/ Frame 5CDF 2 KB
2 KB 444ms
444ms Stylesheet
text/css 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/static/css/main.c102d52c.chunk.css
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d32d26418f0a4cab9453fc8f9ae4350845b201ef329fe69aac4840544f9c213

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:15 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "8f52e309bcedcaae0ca88116671391e9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1664
x-amz-cf-id: GmkbvbHBNuo6Rbv-LUHCu336OrseArSsut2MJ89nBUjqMx_PYfSzcQ==

GET
H2 200 2.3cc02254.chunk.js Show response
beijijngmedals.thecanadianpress.com/static/js/ Frame 5CDF 214 KB
215 KB 435ms
434ms Script
application/javascript 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/static/js/2.3cc02254.chunk.js
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce645f5d54866ed5cf909b236e041b7e9326b7cdb71e8e507fe5fa79172c5ddf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:14 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "deb9cd5d6619719d3ba6062c14599849"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 219230
x-amz-cf-id: Y_BDbe9BhPOWOpT13ieSBPIEuXVGzCZ-Znd6zspQvPgIKhAnkNvjpg==

GET
H2 200 main.200d8e04.chunk.js Show response
beijijngmedals.thecanadianpress.com/static/js/ Frame 5CDF 68 KB
68 KB 432ms
432ms Script
application/javascript 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/static/js/main.200d8e04.chunk.js
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 501db17c4702013db299f94dd0bb8684f382ab667d5e62f29298d7cf8655ee79

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:13 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "ed0708995271a9895b8578b356acba2f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 69546
x-amz-cf-id: L0C6GrM53_am7uRdEOo4oniHQB8Nw3816sgU0RlPEqzCnPUkEQu1OA==

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
328 B 71ms
34ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 161ms
51ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=181778
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 3585530778bcb49e71d4a59a8afeeef2216be8665c588af9f25111465e19cd5a

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 16 Mar 2022 12:12:53 GMT

GET
H2 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 102ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:49:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Feb 2023 10:49:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 203 B
766 B 111ms
44ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5cb58980d85cf281723d540bba89bab8667e9929132da9cf516b39cbf6afb4c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:53 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 24 KB
24 KB 451ms
44ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 48c2e09fd6c9a2479c5250705a3af4b13dec0c89e94152aed7fd24c59ffb77d9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:53 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 24454
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 77ms
33ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=543363692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1414599806&gjid=93868003&cid=1428096320.1644840775&tid=UA-70431129-1&_gid=1129704929.1644840775&_r=1&gtm=2wg290P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&z=326454715

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 69ms
32ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=543363692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1366845164&gjid=709235294&cid=1428096320.1644840775&tid=UA-73335503-3&_gid=1129704929.1644840775&_r=1&gtm=2wg290P86MZHL&z=937863123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 218ms
217ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

95344dfde60f4020ff7047369f479d442e47843d1e4933598409d2a09d57b04e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"f8c-Oa8vw10HQxuImBajr/pi75nbB5M"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: ia_zjMxercjXbGEC1-5bXxHg3Qda2_WXAKtCRWJzheQlgxGjO0Z7cw==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 212ms
212ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

0aadccef70dba22774bb34d89d8bb78dcf357c2876983813122b75edd60be756

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"1009-BxE4FnLydXz+yiURavY34disyik"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: hkagFgZA5mcFLYOBxnuLdZE1WPQG6X6dsjpwyvtK6N160xlW0rgFDQ==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 31ms
31ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

0aade1454de72aaab14b0ce231e3be92dffd5fe6ff7c1d97498612a0c377edd8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:48 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 125
x-powered-by: Express
etag: W/"2c83-jMZzegW8UD3v7UAs7NiD0ygTxNQ"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jdytCJ0SQvUzp3TTsvYx8KhNvlqmfnSNKLnrjxXrWsxfZUFjSEZVhw==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 453ms
113ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1644840775372&plid=47541476&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11149%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1644840775278&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Mon+Feb+14+2022+12%3A12%3A55+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=946934&u=pid%3D6b857becc244a8d745c37e974b59deb1
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:54 GMT
Cache-Control: no-cache
Last-Modified: Monday, 14-Feb-2022 12:12:54 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 11 KB
2 KB 215ms
215ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

37f354767d903f5778c18c65bbaede1a266f953431a6e821803656cd516bfe62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"2a0d-UnXAya+9Bu/EvTyE7Qjjd5rr1SA"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 9YejB-0wROc-dlb-XGKIWEWfKgs8xN5AKFaaV-XmcK12r_blcXqzsg==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 180ms
43ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70431129-1&cid=1428096320.1644840775&jid=1414599806&gjid=93868003&_gid=1129704929.1644840775&_u=YEBAAAAAAAAAAC~&z=1932505157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Feb 2022 12:12:53 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK common_widgets.302c29ff689186dbc6db.js Show response
widgets.media.sportradar.com/assets/ 469 KB
141 KB 37ms
37ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/common_widgets.302c29ff689186dbc6db.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

03430d731a51f0135c19e0f0a3ebd0eb9735e582be8521eabb50c8636025ea53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "51f2fc0f545cbc8ebe02de9942453615"
Last-Modified: Thu, 10 Feb 2022 12:36:17 GMT
X-Served-At: Thu, 10 Feb 2022 13:35:26 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143638
Expires: Sun, 13 Mar 2022 13:35:26 GMT

GET
H/1.1 200
OK us.common.scoreTicker.b747d0c0034ca1069c08.js Show response
widgets.media.sportradar.com/assets/ 502 KB
135 KB 128ms
54ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/us.common.scoreTicker.b747d0c0034ca1069c08.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

0060d2dda7b23b9d68885f719c220efc1e787a7c9dfb017bbefda9ac6a133175

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "1030b9a6819dee8e529f0030726a984f"
Last-Modified: Fri, 04 Feb 2022 20:00:28 GMT
X-Served-At: Fri, 04 Feb 2022 20:55:37 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137629
Expires: Mon, 07 Mar 2022 20:55:37 GMT

GET
H/1.1 200
OK react.6de99b51259fc63a2ae1.js Show response
widgets.media.sportradar.com/assets/ 117 KB
38 KB 128ms
54ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/react.6de99b51259fc63a2ae1.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

73cb733aad8948c06e0825fe9456eb162f7af568f7ec1b62dbddd161c3051243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "8d2cdab18cd100e1453be8ee8cec4fbd"
Last-Modified: Fri, 04 Feb 2022 07:47:57 GMT
X-Served-At: Fri, 04 Feb 2022 10:45:59 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37925
Expires: Mon, 07 Mar 2022 10:45:59 GMT

GET
H/1.1 200
OK en_us.json Show response
widgets.media.sportradar.com/translations/ 235 KB
56 KB 152ms
50ms XHR
application/json 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1644495749081&h=5ba72aab0ac62171564e1d9fd5999370

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

6da5dd3b777c8f89f95d3a55c05e7aa16894cb81bf34be13becf45494effbe9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 12:22:29 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=5270400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Content-Length: 56396

GET
H/1.1 200
OK css Show response
widgets.media.sportradar.com/torontostar/ 28 KB
4 KB 508ms
403ms XHR
text/css 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

794f815439957a99ba5c28299d021fcc1b062b687ab8306ece58727baa2f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 12:22:44 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30, stale-while-revalidate=60, immutable
Date: Mon, 14 Feb 2022 12:12:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3730

GET
H/1.1 200
OK licensing Show response
widgets.media.sportradar.com/torontostar/ 11 KB
8 KB 448ms
320ms XHR
text/plain 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

aad75ee023ab7b0c9cac9a7049815dd801a93abb524c332e470e7d5b7a8f2d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "b5153aa7bdf558b5586776e5de46c5a4"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=200, stale-while-revalidate=60, immutable
Date: Mon, 14 Feb 2022 12:12:54 GMT
Connection: keep-alive
Content-Length: 8195

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 217ms
216ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

2a7f2dd0765d4a3be21d3655f8f19637e2f2e03e4d69d05963ec6dabd6df6040

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"ffa-SARw/3HnJMbXoOoZOV9ibN3GJKo"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: X_WshSjojLB40fd0gFuwka4qUJF1V4NmmAaRNFnndpu6ADsogANw9A==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

GET
H2 200 76516464615500737111036690920354384506 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
418 B 339ms
331ms XHR
application/json 65.9.78.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/76516464615500737111036690920354384506
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-2.ams1.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 455db412-94d2-47f4-9dcc-013c9235439d
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-620a4746-7f6a30565425843b0f8729f0;Sampled=0
x-amz-apigw-id: NiATBGBHIAMFqkA=
content-length: 51
x-amz-cf-id: Wq0jUhxBTX51r7igjqJAlBi6ZKNcZRz9OdZrBWmCGZDxAr6q0p1Tug==

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
132 B 79ms
52ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d7be058f71a8b8d84eb383dfb754b4091a952f6a459f469229a952b5418fe313

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
via: 1.1 google

OPTIONS
H2 200 76516464615500737111036690920354384506
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 399ms
282ms Preflight
application/json 65.9.78.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/76516464615500737111036690920354384506
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-2.ams1.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 14 Feb 2022 12:12:54 GMT
x-amzn-requestid: 9d4a9629-d05a-4b55-9846-799377d80fe1
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: NiAS-H8CoAMFnKg=
access-control-allow-methods: GET,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: gLdI3AH90JZLtqzE7ZCzp7QihLC-fSJrGvVcH-42rwqEO32YTSGZ2Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 241ms
239ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

e23a6776aa183e28089211911a9921af2d71eff25b3bb156c108eeaddbcbcad9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"1ef9-fQQSGl0ZexEhVwsHo8GQQpJEci4"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 8yz5Z9HeU412jBQXCIOytDCLd15iQ78MCQFufrqAeTuiZhZp0MgFuQ==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
2 KB 239ms
239ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b4139a4dd4b9334e7c3bb6beb9be0ddb893d665373cec1b8893f0d1f378c1e17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"19f4-srI/hA1HNtYNr0oKnH3aaEMMWGY"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: jxJ2ZnWJhNNAF1g2URraf57Ude3BfBES9bzveYo1h3EMYRdKlFFp3g==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 234ms
234ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

8475d35545e912302704e862b7dbec5fceb6da0c085b7646eaf96b7e24902d00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"e01-sSW68I488vn+CEAIQ2NnrO3kCGA"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: Tt3tQ6UgHzWVsxRHVBZreysAO1rUx5hDkJL7T2HyLTsttHe96HWKVA==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 228ms
225ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b75b938326ba99ef43c51f37a07b18c8c6b5699594cf87f3e770901481f5dbe9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"2020-g0P/ajNlhqI2ypwOviIo+DlyHck"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: mSQbL9VIp-Hw9RYZpvFT7HZp2t-n83hy_l5wcstsMlXmm_H4j7E1lQ==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
404 B 217ms
213ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: qf2h9JzWX-VgYn4LdtwSWcXeEdVQmUp97Fsxg67oXf4FyDTIOg9bRQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 874 B
1 KB 210ms
210ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

d48b0a2ab9c3acf2723de7777155c2b5a7e085194680eb43fc4fb2a708b847c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"36a-qnU8y4bG44V/WEnrvqWxueLugTM"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 874
x-amz-cf-id: 54eQC4NGeionYPFLD2iZZ03HObvEGCue6gWTpAblvFKHX5ZP8aP6_w==

GET
H2 200 30c1d1c006df0a64085b78288f0c555f Show response
e377.thestar.com/plugin/plugin/ 197 KB
43 KB 31ms
31ms Script
text/javascript 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/plugin/30c1d1c006df0a64085b78288f0c555f

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

01cffdff6aab482bfe1b1c63e467769336e0a4016146a581d091a05f9b70f3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 243069
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 43372
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 16:41:44 GMT
server: -
etag: 30c1d1c006df0a64085b78288f0c555f
content-type: text/javascript; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: xt37meSSqLo1oEYoGAMmAu_ldl3hjJoWKlFD2GdzXWIgtG0eOof5dw==
expires: Sat, 11 Feb 2023 16:41:44 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 210ms
210ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

8c437f676063e9ab67a382ebb571f0c348ff9e91d6528a15813d8905b5ff3c25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"d64-ZqTevFGQmLFUAyc/DTH/obQLaDs"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3428
x-amz-cf-id: N8EfVLmQIL1nScVRXHFfbs25rsB8bE0jfao_OEeZFdRKCBWAxhsEJw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 74ms
73ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=QfbDIyq2gwYZb&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: RG4WMNFVRNC155W7170K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: L_yTKDH3LdHQKdpARVBpXZdQ4Dr0W3OYVrBGuso8uMCImkSsrtCWgw==

GET
H2 200 mdc.textfield.min.js Show response
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 29ms
29ms Script
text/javascript 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 809634
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Feb 2022 03:18:59 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 0XtpUf0IyCbmMr3w56FZUalv6lVmXL9GAVG2pIXiCMPxsg8YA5uoEg==
expires: Sun, 05 Feb 2023 03:18:59 GMT

GET
H2 200 6666f343d19afa6e14d2061c890dddd9 Show response
e377.thestar.com/plugin/library/ 470 KB
149 KB 29ms
28ms Script
text/javascript 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/library/6666f343d19afa6e14d2061c890dddd9

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

d217301d1beca280818807958c12328fb84bdbb1bc7c23702276124c00a4bd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 243068
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 152264
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 16:41:45 GMT
server: -
etag: 6666f343d19afa6e14d2061c890dddd9
content-type: text/javascript; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6VDWXih0_SeUQY9EVnZfopkiGXCnIx-EvqfJ--CcGdw5HX0jxov2MA==
expires: Sat, 11 Feb 2023 16:41:45 GMT

POST
H2 200 LB-Zone-3 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/595/ 2 KB
2 KB 415ms
415ms XHR
application/json 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/595/LB-Zone-3?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=cf530396-d681-4666-a34b-59aaf95640c1&overruleReferrer=&time=2022-02-14T12%3A12%3A55%2B00%3A00&ts=1644840775654

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

3e55b72a700c54fe81b508b3769ccd2a81191f0d4aaf25e9d6a52d60e09e5440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 879
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: AEz3HYS8F5r-MXmt8ygnAc07sKMSsYqYSbXgAkokXPH3v-vcMlkLjA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 211ms
211ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

8fa66162f2b74aaf28143e8bb208bd2d6a0ac382bdf6673bfd1060a55c3a827d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"356-MWcVlBkS438hxMBSHebXvDolnY4"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: obLxgK2M8fBQLc-BTl1rV3Idfr0cepqx7-ZkLh_RepghO_Qzxg3i8w==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
941 B 218ms
218ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

ec8de55b279f65ad4d49aff05ca8b9499ec486a16c87f9be7c43d978bbc465a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
etag: W/"6b5-sZeknLQan94RNRrxRlrbFGFpXac"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: OZVXim8C37SM6OlSH5X-qDRqjRsczzuBUyNix4ZFLV-Lk6BiY5Rn0g==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
404 B 213ms
212ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: hXzO5Ig1S4s5gdO2ozYvzG-kDIwcbBxmeDemf7gdA9pUzmUX_2Hphw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 240ms
239ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

290e60f247d195c19d505e85d5577c7a65e5979661cf8ab253922b52f4973fa1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"6d8-wiVOgIMsguY6l73CGQg3OxrT3qg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1752
x-amz-cf-id: wS4Pq0H4T_T2lXdo4yQDlZstn_l50dh7siC7N3WFGnTPX_vq1G0DBQ==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 193ms
98ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.5557475014816378&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0f59e30235b7ad1175409cd394a4489e3d4553474c7c2180fc93700ef5a13adc

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 208ms
113ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.9708563248632436&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 65602b8680011ec2739ae3864b24aabf917677acdcb3425c89f86700a07b0823

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 213ms
95ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.8119517399668787
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 528f094bea11a8ca10cc49d27b430ee844554b3cb53bba62b3b0c62cc4536a9e

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 216ms
98ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.8283812941747257
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 9d67650db69f861c453a04c39d1efbca8ffd74998c05694066eed3a205791412

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
torontostar-d.openx.net/w/1.0/ 131 B
438 B 121ms
39ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://torontostar-d.openx.net/w/1.0/arj?auid=540273844%2C540273838%2C540273840%2C540273842&aus=728x90%2C970x250%7C300x250%2C300x600%7C728x90%7C300x250&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._nZvmUr5g&cache=1644840775729&ttduuid=ff744ce6-f1aa-492c-b73b-7218b148e223
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 48b3dbb1cd2b2eec139cba588a52e3b8c5245e8c456da6d0cd6120e78a300dbb

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.thestar.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 236ms
173ms XHR
application/javascript 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439268&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=Ya2mKK0G&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

26af65c2a131a0dd532e001643e337680a5b1de04559afa4cf5d907bccf56371

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fab8f4bc-35c7-48b3-a215-aa9bb47aebd2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 234ms
172ms XHR
application/javascript 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439248&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=qZySvY2Y&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

657e3c139305dcb5aefd70b23ffb1c3d220e6958056631353ef74232b257a081

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d92e6d4d-836f-4972-9ac3-9fc289249884
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
686 B 108ms
46ms XHR
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439253&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=eceONJqQ&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6cfe52a8-633e-4981-a599-0da5cce80ae0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 229ms
168ms XHR
application/javascript 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439260&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=1jl1zyH8&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d0c4ff54d38cb90bf6dcac11026f1b1def127cc4407f9d0b6d9d33d46387469a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3a2c43d6-10af-43bc-9cff-c9177a1b30c3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
735 B 117ms
117ms XHR
application/json 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7eae7700-b8c5-40d4-8c47-74e387d20d9b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
372 B 416ms
299ms XHR
text/javascript 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=157269&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2237354278%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22268340%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22268341%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22268332%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22268333%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22268335%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22268338%22%7D%7D%5D%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%227%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ff744ce6-f1aa-492c-b73b-7218b148e223%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-02-14T12%3A12%3A53%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fac464390e18ca0607ef7cd4b61e50db333d16c274b5c9df9b045d285ab6df9

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:54 GMT
x-ak-initial-geo: CC:[IT], RC:[], CN:[EU], CIP:[192.145.127.219], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.thestar.com
x-cs-client-geo: 11
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 11
expires: Mon, 14 Feb 2022 12:12:54 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
78 B 45ms
34ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
cf-ray: 6dd635159f5bf91b-MXP
access-control-allow-headers: Content-Type, Origin

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 123ms
42ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_8_btf_728x90_post2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 975cdf350c825d777e8e06f8230e667076f1beb5101b2e29feeafc86f5512fe1

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 121ms
40ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_9_btf_970x250_pos2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f3f3de2037a89941103028bff687e9e09bfc895d949a867d57e455e0ba37bc35

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 122ms
41ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x250_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 19a5264f856e19a2f8d9e4043a4df50a2a9db1be8c99ffa07eb8418d68bc1743

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 124ms
45ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x600_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: a57751e242520c40d035ab7cb08eae82135f1416ccae8f02e19cc74af1b55fc8

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 120ms
41ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_5_atf_728x90_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f3dbb6ddd897b84a87307c9b7fc0f01c41ca7263024fc015e5acf42c79809c4c

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 120ms
41ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_7_btf_300x250_pos2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5ac5344c686b86eafbf794fddb61f6ddad50ba3484e5de873619a0740edcba5b

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 215ms
214ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

44218166f78adbc856eeeb93787eabb29f78160232ab88ea59e45dd2bb5831ce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"d5a-In3g8uYs4EJiGTfRwckE9YTDHmg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3418
x-amz-cf-id: gKzVguqanBcaqscX37yHd5V4IIfFMcV0cSrNx01po2tOq7LIYOl6vA==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 161ms
127ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2909&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=48&jsfv=nbc&ts=1644840775805&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=2902&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2F2022%2F02%2F14%2Flooking-to-switch-careers-in-a-post-pandemic-world-you-may-not-need-the-training-you-think.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2Fadvice%2F2022%2F02%2F14%2Fhow-to-get-your-financial-swagger-back-in-five-easy-steps.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F02%2F13%2Ffive-things-to-watch-for-in-the-canadian-business-world-in-the-coming-week.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 132ms
131ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2954&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=58&jsfv=nbc&ts=1644840775849&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=2930&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F02%2F13%2Fcentrist-conservatives-may-have-found-their-champion-in-the-battle-for-the-soul-of-the-party.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F02%2F12%2Fottawa-freedom-convoy-protests-continue-despite-ontarios-new-emergency-measures.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2022%2F02%2F14%2Fottawa-mayor-pushes-to-shrink-convoy-footprint-as-feds-eye-action.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 163ms
42ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Mon, 14 Feb 2022 12:12:53 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 42ms
42ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:53 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 rams2.jpg
images.thestar.com/aUi0yFtd4ulS1Lrgg93VMwyL-gg=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/football/opinion/2022/02/13/the-rams-are-super-bowl-champions-a-hollywood-ending-for... 63 KB
64 KB 29ms
29ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/aUi0yFtd4ulS1Lrgg93VMwyL-gg=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/football/opinion/2022/02/13/the-rams-are-super-bowl-champions-a-hollywood-ending-for-a-star-studded-cast/rams2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d4bc81be1c520b6abe69a2cfefff36368e2aee55e84ab17ce69affe094887d0e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 03:58:57 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 29637
etag: "1aa1c7b07c3a8ca24378b6a7040d42e1b74eaf6f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 64978
x-amz-cf-id: _pnc2WJX66rATLZG4cWqNKJKb694sK2MMFxti8libMKxdqgPDPWyFg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 128ms
127ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2983&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=82&jsfv=nbc&ts=1644840775878&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=2980&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fopinion%2F2022%2F02%2F13%2Fthe-rams-are-super-bowl-champions-a-hollywood-ending-for-a-star-studded-cast.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Folympics%2F2022%2F02%2F13%2Folympics-overnight-rare-snowstorm-causes-chaos-in-beijing-steven-dubois-wins-another-medal-plus-the-debut-of-monobob.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Folympics%2Fopinion%2F2022%2F02%2F14%2Ffrench-tandem-cements-place-among-greatest-ice-dance-duos-with-olympic-gold-medal.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2F2022%2F02%2F14%2Fwhat-to-know-about-super-bowl-56-from-cooper-kupp-to-eminem.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2F2022%2F02%2F13%2Fsuper-bowl-ads-go-heavy-on-nostalgia-and-star-power.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fanalysis%2F2022%2F02%2F13%2Fpascal-siakam-thinks-he-can-get-to-the-rim-whenever-he-wants-the-raptors-star-hasnt-been-far-off.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftennis%2F2022%2F02%2F13%2Fi-did-it-canadian-tennis-star-flix-auger-aliassime-clears-the-final-hurdle-in-rotterdam.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Folympics%2Fopinion%2F2022%2F02%2F13%2Fbeijing-2022-the-truth-about-canadas-olympic-mens-hockey-team-it-has-question-marks.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 108 B
595 B 477ms
355ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a1b9d144338ed4ee9b0f0333b037b7dbadda35472e25558b49cebdcabd15b016

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
ETag: W/"6c-B1561Z9IXJbQhopLe4lj5i69LgQ"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 108
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 127ms
126ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3005&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=87&jsfv=nbc&ts=1644840775900&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=3003&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2F2022%2F02%2F14%2Fa-kanye-trilogy-mrs-maisel-returns-and-an-alien-abduction-heres-whats-new-on-netflix-prime-video-and-more-this-week.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2F2022%2F02%2F12%2Fbieber-wows-a-list-crowd-at-pre-super-bowl-homecoming.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F02%2F11%2Fjon-stewart-is-defending-joe-rogan-again-and-liberals-should-listen-carefully.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20220213070228-6208fa3155b0724697933a85jpeg.jpg
images.thestar.com/0b1JsvIn6JTQEVQTyd0auKiIqZ0=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2022/02/13/graham-becomes-early-player-to-watch-in-supreme-court-drama/ 38 KB
39 KB 32ms
30ms Image
image/jpeg 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/0b1JsvIn6JTQEVQTyd0auKiIqZ0=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2022/02/13/graham-becomes-early-player-to-watch-in-supreme-court-drama/20220213070228-6208fa3155b0724697933a85jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: efb07fe7d68c976671a250c72a221417754b6fc8cd90a2451a8055e9a65d1a1d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:03:48 GMT
via: 1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 72546
etag: "9dc60059869b82989796aca39d19f1b732dd7233"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 39402
x-amz-cf-id: WazdrDxnfgBVNd59Ldntz8RQ-zr675OTGcmIAHvzQ__nUkByhgemgw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 127ms
127ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3077&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=89&jsfv=nbc&ts=1644840775973&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=3073&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F13%2Fgraham-becomes-early-player-to-watch-in-supreme-court-drama.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2F2022%2F02%2F14%2Frussian-skater-kamila-valieva-cleared-to-compete-at-olympics.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F13%2Fwest-virginia-school-district-investigating-religious-event.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F13%2F2nd-of-5-whales-brought-from-canada-to-mystic-aquarium-dies.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F14%2Fjill-biden-turns-valentines-day-into-lesson-for-2nd-graders.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F02%2F13%2Fcanada-protests-sound-common-refrain-we-stand-for-freedom.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 5CDF 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb5e16606785dc1b8fce16626f44890556c33bc9999b7e9550f75b22a1fd190

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 CP1.242f86cf.png
beijijngmedals.thecanadianpress.com/static/media/ Frame 5CDF 24 KB
25 KB 525ms
524ms Image
image/png 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/CP1.242f86cf.png
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36d3e260da6c89e8893b03fb5a516d088cb46a136c094fdc5bda05ef2d3cec6f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:06:11 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "de533e1a2ef0ab3ec739b4dcc4487f49"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24792
x-amz-cf-id: bnuwi03WcxfEv-bEian2NgMl2Hr5Z7pUHFIwEUzAPCtUXAKXvB9ONQ==

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
604 B 72ms
38ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09462845220b3bb7780eee9a9e11a3b74563b18ab5c4760e279dfedb3f0e70b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 12:12:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 12:12:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 12:12:54 GMT

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

162ms
161ms

Font
text/html

143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
etag: W/"13c5d-2aOScd4HGjjnunkF7csZIZAxHhA"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: RaFJ3JosEzibxzl9EO2eDpgq_2LwcLL8-Klng39QHAHVuxzMC1f3GQ==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

Redirect headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: WKrzoP_FKIN7iucGt0q5WeaUjAPwJ2bJbWNa-GcRTXe6EyQ75LVrpQ==

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 3182ms
861ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

ce11d1dfc55e242dd2bbcf9fa94c5d809f050282ac7c62bb9f34126cf1f5b0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"a655477004180967ce0ab5fc368d7f2514eda61a"
xip: 2001:ac8:24:44::18
x-srv: fishnet-prod-feedsbackvar01
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-wbxwrnrz
grace: none
content-length: 927
x-feeds-fv: feeds-prod-vie1-var-lp
last-modified: Mon, 14 Feb 2022 12:08:17 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 689087732, 897808450 897744563
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web08
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:13:17 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 129ms
128ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3305&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=96&jsfv=nbc&ts=1644840776201&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=3304&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F02%2F12%2Fshould-i-be-this-ok-with-my-polyamorous-partner-sleeping-with-my-friend-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftogether%2Fplaces%2F2022%2F02%2F13%2Fice-ice-baby-at-torontos-latest-baths.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftogether%2Fplaces%2F2022%2F02%2F13%2Fgwartzmans-is-a-chinatown-staple-for-close-to-eight-decades.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 126ms
126ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3317&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=98&jsfv=nbc&ts=1644840776213&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=3314&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Fottawa-police-want-more-officers-to-deal-with-trucker-convoy-but-sources-say-there-is-no-plan-for-how-to-use-them.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Fwill-limiting-alcohol-make-a-difference-in-a-small-nunavut-town.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Ffreedom-convoy-news-police-have-cleared-a-week-long-protest-at-the-ambassador-bridge.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Ftruck-carrying-2000-firearms-allegedly-stolen-in-peterborough-ont-police-say.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Fcoroner-to-investigate-after-man-falls-to-his-death-from-montreal-condo-tower.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F12%2Fsecurity-expert-mountie-soldier-meet-three-men-working-with-the-freedom-convoy.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

OPTIONS
H2 200 v1
vguamh182d.execute-api.us-east-1.amazonaws.com/ Frame 0
0 336ms
113ms Preflight
application/json 18.215.5.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vguamh182d.execute-api.us-east-1.amazonaws.com/v1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.5.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-5-235.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://beijijngmedals.thecanadianpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 5ca24253-a628-4bbd-80dd-e40a99d4ed6d
access-control-allow-origin: https://beijijngmedals.thecanadianpress.com
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: NiATFGKeoAMFSRQ=
access-control-allow-methods: GET,OPTIONS

GET
H2 200 v1 Show response
vguamh182d.execute-api.us-east-1.amazonaws.com/ Frame 5CDF 16 KB
17 KB 397ms
397ms Fetch
application/json 18.215.5.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vguamh182d.execute-api.us-east-1.amazonaws.com/v1
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/static/js/main.200d8e04.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.215.5.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-215-5-235.compute-1.amazonaws.com
Software: /
Resource Hash: 7b1a69ec03a22130641a6565cdf14b66d4c650884663e55f16643ed1d70999dc

Request headers

Referer: https://beijijngmedals.thecanadianpress.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-api-key: 1EzqH4aTQhzOa06ASUbZ1LFkjdsvySI7HYwwYb05
Content-Type: application/json

Response headers

access-control-allow-origin: https://beijijngmedals.thecanadianpress.com
date: Mon, 14 Feb 2022 12:12:55 GMT
x-amzn-requestid: f0131f5e-23b1-4745-a045-35599bba5a0d
x-amz-apigw-id: NiATGGRVoAMFocw=
x-amzn-trace-id: Root=1-620a4746-542820731f5f4e5f59a94f4f;Sampled=0
content-length: 16750
content-type: application/json

POST
H2 200 595 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 4 KB
3 KB 425ms
424ms XHR
application/json 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/595?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=cf530396-d681-4666-a34b-59aaf95640c1&bctempid=&overruleReferrer=&time=2022-02-14T12%3A12%3A56%2B00%3A00&ts=1644840776328

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

d4e5fe53032a0e9d1ffd9ca9e568a5816d0cd8015669dd8531c41496fd8c0cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1636
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: BBIVJJYbDydzk0RFu-1Fayj1zJISep41NiWdSISEN8-sZuggd1XimA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 595 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 422ms
421ms XHR
application/json 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

844fb94df8dee91050d00920e08c35e5be113b513f488474ac08f5882bd4f8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 176
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 7fbvs7uF5fIGcbooe6vWdBfqkvbqajT3kpwa7Hy2rGC87CtToiZ8ZA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 595 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 410ms
409ms XHR
application/json 18.66.248.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-75.dus51.r.cloudfront.net

Software

- /

Resource Hash

2adca76cf59f205438924e01aed7f2c54a4d77215a462e01e9ef9b48cc690527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 166
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: -N6JJkdshXasMZxtddBLURZpRw6SuDybf2ZSFk7wcPyKjqQHuXi2IA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v20/ 35 KB
35 KB 70ms
26ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v20/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:01:38 GMT
x-content-type-options: nosniff
age: 378676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35436
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:24:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 10 Feb 2023 03:01:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 157ms
61ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 110ms
51ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 404 2021-q1-shop-low Show response
www.thestar.com/api/overlaydatarule/ 178 B
591 B 30ms
29ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/2021-q1-shop-low

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b8e8734d09cbff47f0afe26e91200cd19071e79647f718cd7b5c2ba16a13ebf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:11:25 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
etag: W/"b2-DayMIL+sW45ETiP4eQTH7WZtEKg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 89
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Error from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
content-length: 178
x-amz-cf-id: _o1PKBenux1rCDrjNwU3A5A247kT7ebJwKdQVX8IYgxXKoE23FbUDQ==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/ 35 B
49 B 128ms
128ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3558&blst=1080&ist=2104&iet=2110&bdst=1080&bdet=1263&bcttt=104&jsfv=nbc&ts=1644840776454&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc&sid=19590c01-705b-451d-fcaa-31765e9e0f77&pvid=5d8f8d71-442c-452a-ecec-5cf21d30ce12&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.8&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=3557&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2F2022%2F02%2F14%2Flooking-to-switch-careers-in-a-post-pandemic-world-you-may-not-need-the-training-you-think.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F02%2F12%2Fshould-i-be-this-ok-with-my-polyamorous-partner-sleeping-with-my-friend-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fcontributors%2F2022%2F02%2F13%2Fan-invasion-of-ukraine-would-be-a-catastrophe-but-a-larger-crisis-is-already-underway.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F02%2F11%2Fflorida-condo-collapse-settlement-leaves-survivors-including-canadians-furious-there-are-grown-men-crying-today.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F02%2F11%2Fjon-stewart-is-defending-joe-rogan-again-and-liberals-should-listen-carefully.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F02%2F11%2Fmy-friends-boyfriend-has-an-abusive-history-with-her-how-friendly-can-i-be-with-him-ask-ellie.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
861 B 109ms
108ms Script
text/javascript 3.91.210.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=cf530396-d681-4666-a34b-59aaf95640c1&&callback=bc_json597

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.91.210.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-91-210-140.compute-1.amazonaws.com

Software

- /

Resource Hash

99548a0440cc7ce83f1c97e7ad047ef6b8199e21c57f350ad846fadf8547cd79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
429 B 120ms
42ms XHR
text/plain 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=157269&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-AK-INITIAL-GEO: CC:[IT], RC:[], CN:[EU], CIP:[192.145.127.219], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.thestar.com
X-CS-CLIENT-GEO: 11
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 11
Expires: Mon, 14 Feb 2022 12:12:54 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 1791ms
1790ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 312 KB
35 KB 501ms
465ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3940015204136102&correlator=2388250029030567&output=ldjh&eid=31064151%2C31064018&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220214&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=728x90%7C970x250%2C300x250%7C300x600%2C1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250&ppid=76516464615500737111036690920354384506&prev_scp=pos%3D5%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26tkspo%3D5%26env%3Dbeta%26gs_channels%3Dts_sprts_tlvsd_gnrl%252Cgs_health%252Cgs_sport%252Cgs_covid19%252Cgs_entertain%252Cts_pl_nws_lctns_cnd_ntnl%252Cts_sprts_ctvty_bsktbll%252Cgt_positive%252Cgv_death_injury%252Cts_bz_ndstry_gnrl%252Cpr_test%252Cts_pl_nws_lctns_cnd_prvncl%252Cts_sprts_tlvsd_smmr_lympcs%252Cts_hlth_general%252Cgs_event_olympics%252Cgs_politics_misc%252Cgs_news_and_weather%252Cts_tmtv_ntrst_n_gnrl%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub&cookie_enabled=1&bc=31&abxe=1&dt=1644840776534&lmt=1644840776&dlt=1644840773152&idt=2333&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C253%2C0%2C436%2C1047%2C436%2C436%2C436&adys=8717%2C2356%2C0%2C0%2C1002%2C4857%2C6120%2C7315&adks=3893840799%2C1330620276%2C2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&vis=1&scr_x=0&scr_y=0&psz=728x90%7C300x250%7C1600x0%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90&msz=728x90%7C300x250%7C1x-1%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90&ga_vid=1428096320.1644840775&ga_sid=1644840777&ga_hid=543363692&ga_fc=true&fws=0%2C512%2C0%2C0%2C512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=1%7C2%7C0%7C0%7C0%7C3%7C4%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

bbfc57fdf4af6e2c905fe39ea32c6e62a8fed1fbcb06b44b509522abd3ead5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36135
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1024 6 KB
4 KB 141ms
36ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Feb 2022 12:12:54 GMT
expires: Tue, 14 Feb 2023 12:12:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 64 KB
12 KB 35ms
34ms XHR
application/json 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

1be4cf0c02a6b1a191f4ee5a059710295dc90697457419e218c8f89f7108dbd0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:51 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 123
x-powered-by: Express
etag: W/"ffd0-pNPL36GclLGQRPVKtohyqJmJEa4"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: x0-amlgWJJSS5_BrsptRd7ehzqwpu8uGOX5ap5QXg5h1I1ParjwdPw==
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 12 KB
5 KB 32ms
31ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4732c25586a397ce39e3d031693be639c13420460a55af067a618f7d4f557d0d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:07 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: W/"4437a09f1c8b1fb3892e5ec004150e8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: IjdrgttekPIGYC1DAjf1l8BxbFWwASUN
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: 6A3t8zg3Yqf_JmTnh_GWiGt9Nh9L4fWpT-JS-vOpuO8gXkVZCmSu-Q==

GET
H2 200 RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 1 KB
1 KB 32ms
31ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fb45af203288313f50cecb966712a184c35df4ef86785230c38d8c3eee731d7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:07 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: W/"7bce51a23d047022cae069e168e9a4ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: c_aRIL3gt7j6hXZYAsSGueDC8Q9XXeGZ
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: 1Hz5KeviRwCBpKlgjKobIs0M3Qcl8nSc_C6nTLLor7DLck8-pVJB8w==

GET
H2 200 CAN.7c978439.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame 5CDF 1 KB
2 KB 143ms
142ms Image
image/svg+xml 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/CAN.7c978439.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:06:12 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "b71457da8c07b4e1227595484480ec14"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1423
x-amz-cf-id: 0ZL54RX-Fz1DB6bEoCvSx5xtROgacI8GM1H4qlPz_vwAbsg4ONRdVg==

GET
H2 200 NOR.7a613ae5.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame 5CDF 517 B
838 B 144ms
143ms Image
image/svg+xml 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/NOR.7a613ae5.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86edd1bd7bd5f3251da12cd3c5b391deb666745d36daf364bfaf0a5aa5d59bc5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:05 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "d27dd8f0d5c75aa2f4b709a105127fa1"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 517
x-amz-cf-id: gYAy5Pb8N4HIRbiWOvA_BhANbO0FiSvo7mKJb6BeuEZo5PhEg50R9Q==

GET
H2 200 GER.67bf05d4.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame 5CDF 493 B
816 B 416ms
415ms Image
image/svg+xml 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/GER.67bf05d4.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eba233c164f038c5c6065889f84c84fd193325dd13b6fc734fe30ef4f34a8081

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:12 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "6e41aa3c758e40cc126afa4d80bb7158"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 493
x-amz-cf-id: PZJYIVuvoYxTO_oS0UZYKUrxfgLnDnLWnSeeKM6yK2LSZx-NX7xAxA==

GET
H2 200 USA.ec4754c6.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame 5CDF 1 KB
2 KB 432ms
431ms Image
image/svg+xml 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/USA.ec4754c6.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:07 GMT
server: AmazonS3
x-amz-request-id: 89305RFC0DXS5FMT
etag: "dc797c10f6dc6fc6d9d03274dbb3c16c"
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 1479
x-amz-id-2: eyR1XhpsHkxTsazbWqWSvWE3lbMQi0C0q5PAlZYbRoMfu2/PUh2MZx+KPkiBj8AkrEU9b2NmiS8=
x-amz-cf-id: LWPOuN5rfTBEizyE4WtRuAn4EZ4zNpMcxFpQAUml0kkEUzNrCPneag==

GET
H2 200 NED.398702d5.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame 5CDF 219 B
642 B 431ms
431ms Image
image/svg+xml 2600:9000:224a:d400:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/NED.398702d5.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:d400:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 494874a05c407cfb2315f6aa8fc056e62fb7d5b6d8cde0761bbbb4ad477c9fbb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 809c299e67c4ffca3db95351c7287bd8.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:06:11 GMT
server: AmazonS3
x-amz-request-id: 893ENZ6QZRQRXKRW
etag: "6e0a056a4cb13462b51a9df346bf4923"
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 219
x-amz-id-2: +aL918gluT7HT2I/V6j3AoSGNDJxTt21yIgCOkPQBmP2CV3ovePivlRPPN6SlDINfk7aOz9ggG0=
x-amz-cf-id: npEu5ydfItGD-CfGga1pRZQxLMerRZA3ugfyjq69Q0CnDvIoDNfPjQ==

GET
H3 200 container.html Show response
a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F16C 6 KB
3 KB 63ms
28ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Feb 2022 12:12:54 GMT
expires: Tue, 14 Feb 2023 12:12:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame 073E 220 KB
61 KB 133ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 65906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Sun, 13 Feb 2022 17:54:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 13 Feb 2023 17:54:29 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 073E 16 KB
6 KB 203ms
90ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Sun, 13 Feb 2022 12:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 13 Feb 2023 12:39:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 073E 96 KB
29 KB 205ms
93ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 122297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Sun, 13 Feb 2022 02:14:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 13 Feb 2023 02:14:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 073E 5 KB
2 KB 213ms
101ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 05:58:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 05:58:07 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 073E 42 KB
13 KB 215ms
103ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 324097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Thu, 10 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 10 Feb 2023 18:11:18 GMT

GET
DATA 200
OK truncated
/ Frame 073E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42e0245a08f2408a236fda680a8567ecd03462ac148cfd73139f6faed752f91e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17396901683585434381
tpc.googlesyndication.com/daca_images/simgad/ Frame 073E 33 KB
33 KB 183ms
74ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17396901683585434381

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e95fbb0a5967013557fc1db34db368da5d2a84bed0bbad09fcaaf9dd9189385d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 03:17:59 GMT
x-content-type-options: nosniff
age: 464096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34140
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 04:43:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Feb 2023 03:17:59 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 073E 2 KB
3 KB 132ms
23ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 61987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Feb 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 073E 295 B
399 B 133ms
24ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 05:43:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 073E 0
0 147ms
32ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlVDISFkLOQGx0f9NEfqK_Ya5JlTbeMdeVPRSuT-smXV2_7tln99gy9A9Pvhya2fNRFBEp
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 073E 0
0 89ms
88ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnCzdRkcKYqCUOMHB3gPam7DADe2Qw5xo7-v_gNoOtKrmss4TEAEgx-v2HmD9gpGE6BGgAdWlxeAByAECqQJCkGVF9QazPuACAKgDAcgDCKoErAJP0KaDce9WDcRU1gNAiwMTkOO3cuuvyfRaYgDAOF5xHQ664e2jFm3nny43AQhhoTK9_nDT--flqOSL5fG7MMn_ZYRlHcdBe7nO-dh_RK39i8wH3iyfnsAb1r0PQ0CmYXb80Z0T5M_a7s-FcJK2LbeI7N7Kr2ltBKAnttvMfKjhEdjdNAbOIEakKZIP2Qe2Ilj6AjBxQGt55E-QwwUjZKP9aAQml93Qc0uFaRkXnrlFcJCxh8mzQFVUjMs1KPKg0F-xcVkkTlbVlqgd5hI-7VZV8D0NHUStC1zG62GklbnATYWgOSf1ARYIu_ewgp0Dd-0MH28qGX0MTcCiNzHDSjd_FAUjkLUw4wU8Nf3r8QPxmUViEyeyLSnxyN3PEl4VEHe-Oks1nJnI_tWqQtHABLGiws7IA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeT2rqfAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELb8BNIICQiI4YBwEAEYHYAKA8gLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi04MTg4NDMxNDI1NTA5OTk3GJSZFA&sigh=GkoT5vSS2DM&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame BAA6 220 KB
60 KB 171ms
68ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 65906
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Sun, 13 Feb 2022 17:54:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 13 Feb 2023 17:54:29 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BAA6 16 KB
6 KB 117ms
97ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 84776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Sun, 13 Feb 2022 12:39:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 13 Feb 2023 12:39:59 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BAA6 96 KB
29 KB 117ms
98ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 122297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Sun, 13 Feb 2022 02:14:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 13 Feb 2023 02:14:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BAA6 5 KB
2 KB 122ms
102ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 05:58:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 05:58:07 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame BAA6 42 KB
13 KB 123ms
103ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 324097
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Thu, 10 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 10 Feb 2023 18:11:18 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BAA6 2 KB
3 KB 127ms
25ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 61987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Feb 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BAA6 295 B
353 B 128ms
26ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame BAA6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 834fe824bfe409424e61fedda2b4f6949b24c69b0827d5f6ea95ba546b2fa76f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15771727550969794732
tpc.googlesyndication.com/daca_images/simgad/ Frame BAA6 57 KB
57 KB 120ms
27ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15771727550969794732

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87d755b138348dd7ea605508ca84ff61cd8c74277492febe6649ed38da32da72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 08:43:43 GMT
x-content-type-options: nosniff
age: 12552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58055
x-xss-protection: 0
last-modified: Fri, 21 May 2021 06:13:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 08:43:43 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BAA6 0
0 86ms
86ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrWJyRkcKYp6UOMHB3gPam7DADbyz3dBn5tnzkdAOn5_E-tocEAEgx-v2HmD9gpGE6BGgAfeAhf4DyAEC4AIAqAMByAMIqgSZAk_Q5h5b3LWh_GKyv3hc_LzeylUGAH9fcekFLHY06W-dwMSTTB99sQ2G-xO5JkppbF_VEhoDBZXocf7T3xCNUvXmarsyBCSYBoQK1ly4gUArObl_uMEUzWTo6Cz21lHbLC1wF4R3AMTZul1DKYPRXGD0wdDfkaqkQo0R3InRJzcfnXHHPRaX14zpG7ezrt5QLrLnBhMlghjp1O90QRgyH-nXv6wDYLvnZQhWRTwCFlObGxVYu60I1pCCPI037pz_IdnuTuWKJ5OSKCoG3MZ_lehVLLsdEuDJQCJHylsxD7kDrURkyWn3dlEFeVoh0iy8iESqsycP6UJ70avoNr_AZVKEY7z02wdIYmjWeu_Dp2rzB-BDsALStZBAwASpm6jjmQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH8f76AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPTJBdIICQiI4YBwEAEYHYAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi04MTg4NDMxNDI1NTA5OTk3GJSZFA&sigh=aH3wjZE_mDA&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 80ms
44ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2663514a298880242dd66949e5b2455c7e18636ed98bc8939850a8a9dded2c33

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89208
x-xss-protection: 0
pragma: public
x-fb-debug: MmECriKXD8Emg8SO92asLsUJWJp+/KUWseRPMGIDD991P7goG5/QHqNUafi35C8VfH55HfigiAnoX73yvs6Iyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 12:12:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC304342cd3a9f487980371091639a8dc3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 813 B
1 KB 33ms
33ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC304342cd3a9f487980371091639a8dc3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 897727e6dcdbc2eaa7547078b9ab387ce0c4d5d1bdaa3f42982133adbbbc4e2b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:08 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: "8a8100b71a73423bb06975d74d23d077"
x-cache: Hit from cloudfront
x-amz-version-id: f2r1ThsCrfYp4UAW2WDmvaay85M0VYGq
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: text/javascript
content-length: 813
x-amz-cf-id: ZfMeqb0mxgpC3E_NKaE6g1cjEwq7wl2dUFK3COHjilsgmNcWFQwV2g==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
5 KB 28ms
28ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 01:07:27 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000054-IAD, cache-fra19149-FRA

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 2 KB
1 KB 34ms
33ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b26bbc0b1784322ee18f51bfebab8d20823c77eeb37d50ac9eecf804dc7146ac

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:08 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: W/"8d6c5fefc0f7f8dcf4128e7e4a04d357"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 1rWERgMKIxQ2wxH1uBx6RRU.mrkUDE6t
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: ySi1xJQF6xWjsbO5jnjcqWGFDVskll9ZKb1JoO2nfLdSvUTW95u0pA==

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F16C 0
0 79ms
67ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEdu8RkcKYp-UOMHB3gPam7DADaCA3Ktc-q22heoGwI23ARABIABg_YKRhOgRggEXY2EtcHViLTgxODg0MzE0MjU1MDk5OTfIAQngAgCoAwGqBIsCT9DGN4eBNXT_zE5yLCLCXPMm1L1EHe8Bu33FV5KVC-6Sn_mdvf-9GDzsQiKwkELu_jTPT4ehmptm4NZkv5LyrR-OyTBclGzoKTIWD59NOHvjdQgtl2TYN-NIo3A6khrjih2DqNGMBzjN8GbPF7LyHj2TAyFuy6TusDO7XDE8WnN-XB3PGTizR-cUzZj2opn30ZbeEt5V_9aCLBbL8VY-N_3V8ecnw1APJequ2OfMAf1Afe8PmGjEYMADeTFv30PmePA647GbvZTe1xHeHxROEjbTLssamlMUTXO0bc-LDJyEvfsruxE-P2T4IF9Q7_RXtRIkIvLgT2Jij8bF_MnPhIyUu4VuQ0Kb6iya4AQBgAai2eOBtKa2xO8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=FEhw9o8ltjg&uach_m=[UACH]&cid=CAQSUQCNIrLMc8PpA3d3aEp3Ut49djHHeCx57BBZ2DV1eatxI5ZEIE2eIOUCKM9fRxZqh55AQptfWotWEtjWqTjMryGsnO_DhsqpcbR-KJyYBDznYBgB
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 YgpHRgAOCh8Kd6DBAAwN2h2pKaoFLXFZ172XPg
pr.ybp.yahoo.com/bw/adx/imp/YTGHXvFqt0kuN14XYqj_v7dvujlMtO3FPhGuOE0QudEFeg7zQ0Vt6ljtAr5sPG51jIf324qBRLLify8NdtkYXFDKzK793V0B_M_3hfcUv3p2QLWPHWN75xAMcPINoqOlfDQinEUKxBfqtnyYdevXvI1GYS-LHDcl3tcWLHYVV... Frame F16C 0
0 171ms
55ms Fetch 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pr.ybp.yahoo.com/bw/adx/imp/YTGHXvFqt0kuN14XYqj_v7dvujlMtO3FPhGuOE0QudEFeg7zQ0Vt6ljtAr5sPG51jIf324qBRLLify8NdtkYXFDKzK793V0B_M_3hfcUv3p2QLWPHWN75xAMcPINoqOlfDQinEUKxBfqtnyYdevXvI1GYS-LHDcl3tcWLHYVVp_uVq5DJrbfI6Mh2REwnYe8TsCYqFb2czrFh2Bgbxj_Tp6PiM5-45R7SZojUz6mQilJzJ5PjdtvNEedgpfVXwEhpsocVx70r_TWTVWoaMdB-67ZPGP58eyBiW7ggFV8e1sog8iDnB8dsHy8zIfSJwhKZ7eKyOvrDev6lxhTuFrqEXJ31uufUr09h-YonMReK12L_O0zU4c-jZ6qgRvmxCA3JxbVEhhMhi3bcnchYh3zAOlt7OeC4WIokYOipqMOre_lzyiZMEdf06afNb6QQjhtlxph0k0dIOtaLYzn6P62JprwWwBWb7DJSlIwIa84-edC0Zj6-VNsW2lmO0t81EEfjKtGOq3XVwnK9qlt2_ljk3hhd-6-G1JjxvBa8Lv3jplzjc9BvYkkmR2Btjr-g0AUIKyme7kreMce95nAo8K0ZTyeq8o-ZcBcIEk-eG1kGJQoaHs913xY3nfOoUXGjfXrlE3qYkrI1WIhoC766Hbu2jcBLR8265QJ-7kc5zGvNM0Xz9evvdIPG8fWPzpAhpeCNE1fba6R5E_KUSaKhTgiKIQVVtUJ4ZnemsxiBNZPqyrZ2yl5JbZHUJLBnl40nODIAviEA1w63OBjyLkFrJuyK_12rGvMRpBKP1f7_sgo67bd4cbTbGtaAvAilav-d-cSCCqP95Tp5FusEaufX7ZA8C71kq1w7TrMlp2NljNfPzA_lZz_gbfLsPJsCRy5RUW05up4B7EqbadiWHCcclaJB1VsefLU2SaUyFq_ntaBTDUNwqg0LR7SKnxxu6WLX-5SDhoF6vvb5hyqJXmqwU_pMJ7T1Wus9qEdBzv2tnng15y0TaqoTdJhOnI_TZS0TvMd_1G4l_wluqnZdrstdjULOFiO92x02yp7e_2bSXVybx474Bb0mG9BUhqDwNGsuzmAM4iBShEQIVJmMyiRbdBRQL11Pui3rGtcS6C4lfK37tQzpj-veR4Z5aokJYyatgHCZte1wY3lg79rKxUMCj2BSFyMw1d1MAXCYpQkpHOpayD1IlBqGKFRMMRlsaXspBpPHIrjJQXRelMqsTbVWvdLjuFjvrw0hByYhiHOT17avO9-MUjYnZQYbPZS4GFol59vC29BVtP5a-L1NAlPZIydLKkJSPR-nPfUMg7QgOwcQvOdJWn7BuX_SdDtPN_q75IZpvH2sXkhKsv44VTtGq-FXj15NkoJLLxMLehL2hcHEx4wddM26r2CxZx031hRfeLFAZbWQoGomVjISrKmPrE4e_WjkuDxcXsJHVVlPwntac19YYs2-b4oxCuaIImP_KaXgmAzpTfP2rX7Cy8R7HkLi12bfR1rxMXacr8AqgzwGS9ZJSxJKCylLMzOcwwu9MgJHSt8id4SySDEMJNpHx0JXp3ha1f_gA7_PKD8eOmZ8EaEVhWQcBI_Zz2F1QOKfBqE34WKVYZD9DAt4PLt-qLVh3LZeMd6y-4fvtrkwEUcr1QAO0iBofHqLOPeDa99EJ2QAgEcecNWTZwDJgZFJY8YbjucLuiUTfMfX64M5wTyfMwqsFQIs11NJ0ef_SCwUS2H0G5jhJqCCcKPBiPiObPID10XvkFqn47V-t9MdiXCjRH8HWe9VpCz30VvL-Bs251zr21QMGpnuoG3geVCisXtNuM9mHLDMY83_nmHEghMPETbsRZ00dTXO4tXy1-A60eSI3Dcs2rYh_0g5-fTasgois-9VmELvbgD1rVGWMmwMVEyDJ9r0MwvBoYPAP7ldV0e/wp/YgpHRgAOCh8Kd6DBAAwN2h2pKaoFLXFZ172XPg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=15552000
x-content-type-options: nosniff

GET
H2 200 aclk Show response
pr.ybp.yahoo.com/ab/secure/true/imp/YTGHXvFqt0kuN14XYqj_v7dvujlMtO3FPhGuOE0QudEFeg7zQ0Vt6ljtAr5sPG51jIf324qBRLLify8NdtkYXFDKzK793V0B_M_3hfcUv3p2QLWPHWN75xAMcPINoqOlfDQinEUKxBfqtnyYdevXvI1GYS-LHDcl3... Frame F16C 4 KB
4 KB 172ms
56ms Script
text/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://pr.ybp.yahoo.com/ab/secure/true/imp/YTGHXvFqt0kuN14XYqj_v7dvujlMtO3FPhGuOE0QudEFeg7zQ0Vt6ljtAr5sPG51jIf324qBRLLify8NdtkYXFDKzK793V0B_M_3hfcUv3p2QLWPHWN75xAMcPINoqOlfDQinEUKxBfqtnyYdevXvI1GYS-LHDcl3tcWLHYVVp_uVq5DJrbfI6Mh2REwnYe8TsCYqFb2czrFh2Bgbxj_Tp6PiM5-45R7SZojUz6mQilJzJ5PjdtvNEedgpfVXwEhpsocVx70r_TWTVWoaMdB-67ZPGP58eyBiW7ggFV8e1sog8iDnB8dsHy8zIfSJwhKZ7eKyOvrDev6lxhTuFrqEXJ31uufUr09h-YonMReK12L_O0zU4c-jZ6qgRvmxCA3JxbVEhhMhi3bcnchYh3zAOlt7OeC4WIokYOipqMOre_lzyiZMEdf06afNb6QQjhtlxph0k0dIOtaLYzn6P62JprwWwBWb7DJSlIwIa84-edC0Zj6-VNsW2lmO0t81EEfjKtGOq3XVwnK9qlt2_ljk3hhd-6-G1JjxvBa8Lv3jplzjc9BvYkkmR2Btjr-g0AUIKyme7kreMce95nAo8K0ZTyeq8o-ZcBcIEk-eG1kGJQoaHs913xY3nfOoUXGjfXrlE3qYkrI1WIhoC766Hbu2jcBLR8265QJ-7kc5zGvNM0Xz9evvdIPG8fWPzpAhpeCNE1fba6R5E_KUSaKhTgiKIQVVtUJ4ZnemsxiBNZPqyrZ2yl5JbZHUJLBnl40nODIAviEA1w63OBjyLkFrJuyK_12rGvMRpBKP1f7_sgo67bd4cbTbGtaAvAilav-d-cSCCqP95Tp5FusEaufX7ZA8C71kq1w7TrMlp2NljNfPzA_lZz_gbfLsPJsCRy5RUW05up4B7EqbadiWHCcclaJB1VsefLU2SaUyFq_ntaBTDUNwqg0LR7SKnxxu6WLX-5SDhoF6vvb5hyqJXmqwU_pMJ7T1Wus9qEdBzv2tnng15y0TaqoTdJhOnI_TZS0TvMd_1G4l_wluqnZdrstdjULOFiO92x02yp7e_2bSXVybx474Bb0mG9BUhqDwNGsuzmAM4iBShEQIVJmMyiRbdBRQL11Pui3rGtcS6C4lfK37tQzpj-veR4Z5aokJYyatgHCZte1wY3lg79rKxUMCj2BSFyMw1d1MAXCYpQkpHOpayD1IlBqGKFRMMRlsaXspBpPHIrjJQXRelMqsTbVWvdLjuFjvrw0hByYhiHOT17avO9-MUjYnZQYbPZS4GFol59vC29BVtP5a-L1NAlPZIydLKkJSPR-nPfUMg7QgOwcQvOdJWn7BuX_SdDtPN_q75IZpvH2sXkhKsv44VTtGq-FXj15NkoJLLxMLehL2hcHEx4wddM26r2CxZx031hRfeLFAZbWQoGomVjISrKmPrE4e_WjkuDxcXsJHVVlPwntac19YYs2-b4oxCuaIImP_KaXgmAzpTfP2rX7Cy8R7HkLi12bfR1rxMXacr8AqgzwGS9ZJSxJKCylLMzOcwwu9MgJHSt8id4SySDEMJNpHx0JXp3ha1f_gA7_PKD8eOmZ8EaEVhWQcBI_Zz2F1QOKfBqE34WKVYZD9DAt4PLt-qLVh3LZeMd6y-4fvtrkwEUcr1QAO0iBofHqLOPeDa99EJ2QAgEcecNWTZwDJgZFJY8YbjucLuiUTfMfX64M5wTyfMwqsFQIs11NJ0ef_SCwUS2H0G5jhJqCCcKPBiPiObPID10XvkFqn47V-t9MdiXCjRH8HWe9VpCz30VvL-Bs251zr21QMGpnuoG3geVCisXtNuM9mHLDMY83_nmHEghMPETbsRZ00dTXO4tXy1-A60eSI3Dcs2rYh_0g5-fTasgois-9VmELvbgD1rVGWMmwMVEyDJ9r0MwvBoYPAP7ldV0e/wp/YgpHRgAOCh8Kd6DBAAwN2h2pKaoFLXFZ172XPg/pclick/https://adclick.g.doubleclick.net/aclk?sa=L&ai=CbvXURkcKYp-UOMHB3gPam7DADaCA3Ktc-q22heoGwI23ARABIABg_YKRhOgRggEXY2EtcHViLTgxODg0MzE0MjU1MDk5OTfIAQngAgCoAwGqBI4CT9DGN4eBNXT_zE5yLCLCXPMm1L1EHe8Bu33FV5KVC-6Sn_mdvf-9GDzsQiKwkELu_jTPT4ehmptm4NZkv5LyrR-OyTBclGzoKTIWD59NOHvjdQgtl2TYN-NIo3A6khrjih2DqNGMBzjN8GbPF7LyHj2TAyFuy6TusDO7XDE8WnN-XB3PGTizR-cUzZj2opn30ZbeEt5V_9aCLBbL8VY-N_3V8ecnw1APJequ2OfMAf1Afe8PmGjEYMADeTFv30PmePA647GbvZTe1xHeHxROEjbTLssamlMUTXO0bc-LDJyEvfsruxF8PURqvumKs3KN3f-dNhtx-l5KhujdVDJukGUPB5tCW94JKHAcd8NG4AQBgAai2eOBtKa2xO8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_08mX0g3h0dV-C29KQt3BhOHTrEeQ&client=ca-pub-8188431425509997&adurl=

Requested by

Host: a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
URL: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

82fe70f6eb609ff3229a235f4069099d1d780d24a5eea57f4db1936236cc3c73

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:55 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/javascript
x-xss-protection: 1; mode=block
expiry: Thu, 01 Jan 1970 00:00:00 GMT
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=15552000
content-length: 3748
x-content-type-options: nosniff

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame F16C 2 KB
1 KB 100ms
87ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
URL: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 12:10:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F16C 124 KB
38 KB 87ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
URL: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame F16C 15 KB
6 KB 94ms
81ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
URL: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 12:09:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F16C 0
0 46ms
33ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFaLgCF095ukszjCtv6IJQ97_4h_7soO7mLEyObCi35XPUtdegjQrfU4As-oZRlRnxtGPm
Requested by: Host: a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
URL: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F16C 22 KB
7 KB 97ms
85ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
URL: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 10:06:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 93ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca2d24715af7a9c89c73895b3ed0f3f74fba8d7a41bc24c2b74f49b57c984445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39606
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 83ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c9ba9ce714dd4415a56e80ea126d7b1ed3e282c35a5bbcb6ba92fd9aafd2cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35889
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H2 200 RC2f54281ab7324fd39f76106466b9b969-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 1 KB
1015 B 34ms
31ms Script
text/javascript 108.157.4.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC2f54281ab7324fd39f76106466b9b969-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-110.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50063c382b074e0b9fb907b397615cdc7843212f71e01e11442af7c5e1786b42

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:10 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2446
etag: W/"43caae725d2905a9d469a4a8835b4006"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: vkSXZWe70zghMlS3vkfWUmLRyYAruVwn
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: eiC2uAtFHgKppePkLi_uyiDoMVeON_AB2L_yVVL4gVFmdNCDrvKQZQ==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
113 B 156ms
141ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a2573f46-2eca-46e7-b43c-d6719421e662&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
server: tsa_f
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5b2305d6207d76f03beef303dad79e5fca6652763528ebcd2975c5a035b4915c
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
101 B 155ms
142ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a2573f46-2eca-46e7-b43c-d6719421e662&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 14 Feb 2022 12:12:55 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6a206228d4f08ebfdc9c03440856ddb7d65ea43a6ee1b0296e5d2d23ae1738a0
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 78ms
26ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1644840777310&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644840777309.1478664833&it=1644840777141&coo=false&rqm=GET

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 236ms
128ms Script
application/javascript 2a02:26f0:fb:5aa::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5aa::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 073E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

3190ms
3128ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Feb 2022 12:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BAA6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

3167ms
3105ms

Image
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Feb 2022 12:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 15771727550969794732
tpc.googlesyndication.com/daca_images/simgad/ Frame BAA6 57 KB
57 KB 77ms
41ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15771727550969794732

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87d755b138348dd7ea605508ca84ff61cd8c74277492febe6649ed38da32da72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 08:43:43 GMT
x-content-type-options: nosniff
age: 12552
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58055
x-xss-protection: 0
last-modified: Fri, 21 May 2021 06:13:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Feb 2023 08:43:43 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BAA6 2 KB
2 KB 80ms
44ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 61987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Feb 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BAA6 295 B
319 B 71ms
36ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 05:43:34 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F16C 10 KB
5 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/YTGHXvFqt0kuN14XYqj_v7dvujlMtO3FPhGuOE0QudEFeg7zQ0Vt6ljtAr5sPG51jIf324qBRLLify8NdtkYXFDKzK793V0B_M_3hfcUv3p2QLWPHWN75xAMcPINoqOlfDQinEUKxBfqtnyYdevXvI1GYS-LHDcl3tcWLHYVVp_uVq5DJrbfI6Mh2REwnYe8TsCYqFb2czrFh2Bgbxj_Tp6PiM5-45R7SZojUz6mQilJzJ5PjdtvNEedgpfVXwEhpsocVx70r_TWTVWoaMdB-67ZPGP58eyBiW7ggFV8e1sog8iDnB8dsHy8zIfSJwhKZ7eKyOvrDev6lxhTuFrqEXJ31uufUr09h-YonMReK12L_O0zU4c-jZ6qgRvmxCA3JxbVEhhMhi3bcnchYh3zAOlt7OeC4WIokYOipqMOre_lzyiZMEdf06afNb6QQjhtlxph0k0dIOtaLYzn6P62JprwWwBWb7DJSlIwIa84-edC0Zj6-VNsW2lmO0t81EEfjKtGOq3XVwnK9qlt2_ljk3hhd-6-G1JjxvBa8Lv3jplzjc9BvYkkmR2Btjr-g0AUIKyme7kreMce95nAo8K0ZTyeq8o-ZcBcIEk-eG1kGJQoaHs913xY3nfOoUXGjfXrlE3qYkrI1WIhoC766Hbu2jcBLR8265QJ-7kc5zGvNM0Xz9evvdIPG8fWPzpAhpeCNE1fba6R5E_KUSaKhTgiKIQVVtUJ4ZnemsxiBNZPqyrZ2yl5JbZHUJLBnl40nODIAviEA1w63OBjyLkFrJuyK_12rGvMRpBKP1f7_sgo67bd4cbTbGtaAvAilav-d-cSCCqP95Tp5FusEaufX7ZA8C71kq1w7TrMlp2NljNfPzA_lZz_gbfLsPJsCRy5RUW05up4B7EqbadiWHCcclaJB1VsefLU2SaUyFq_ntaBTDUNwqg0LR7SKnxxu6WLX-5SDhoF6vvb5hyqJXmqwU_pMJ7T1Wus9qEdBzv2tnng15y0TaqoTdJhOnI_TZS0TvMd_1G4l_wluqnZdrstdjULOFiO92x02yp7e_2bSXVybx474Bb0mG9BUhqDwNGsuzmAM4iBShEQIVJmMyiRbdBRQL11Pui3rGtcS6C4lfK37tQzpj-veR4Z5aokJYyatgHCZte1wY3lg79rKxUMCj2BSFyMw1d1MAXCYpQkpHOpayD1IlBqGKFRMMRlsaXspBpPHIrjJQXRelMqsTbVWvdLjuFjvrw0hByYhiHOT17avO9-MUjYnZQYbPZS4GFol59vC29BVtP5a-L1NAlPZIydLKkJSPR-nPfUMg7QgOwcQvOdJWn7BuX_SdDtPN_q75IZpvH2sXkhKsv44VTtGq-FXj15NkoJLLxMLehL2hcHEx4wddM26r2CxZx031hRfeLFAZbWQoGomVjISrKmPrE4e_WjkuDxcXsJHVVlPwntac19YYs2-b4oxCuaIImP_KaXgmAzpTfP2rX7Cy8R7HkLi12bfR1rxMXacr8AqgzwGS9ZJSxJKCylLMzOcwwu9MgJHSt8id4SySDEMJNpHx0JXp3ha1f_gA7_PKD8eOmZ8EaEVhWQcBI_Zz2F1QOKfBqE34WKVYZD9DAt4PLt-qLVh3LZeMd6y-4fvtrkwEUcr1QAO0iBofHqLOPeDa99EJ2QAgEcecNWTZwDJgZFJY8YbjucLuiUTfMfX64M5wTyfMwqsFQIs11NJ0ef_SCwUS2H0G5jhJqCCcKPBiPiObPID10XvkFqn47V-t9MdiXCjRH8HWe9VpCz30VvL-Bs251zr21QMGpnuoG3geVCisXtNuM9mHLDMY83_nmHEghMPETbsRZ00dTXO4tXy1-A60eSI3Dcs2rYh_0g5-fTasgois-9VmELvbgD1rVGWMmwMVEyDJ9r0MwvBoYPAP7ldV0e/wp/YgpHRgAOCh8Kd6DBAAwN2h2pKaoFLXFZ172XPg/pclick/https://adclick.g.doubleclick.net/aclk?sa=L&ai=CbvXURkcKYp-UOMHB3gPam7DADaCA3Ktc-q22heoGwI23ARABIABg_YKRhOgRggEXY2EtcHViLTgxODg0MzE0MjU1MDk5OTfIAQngAgCoAwGqBI4CT9DGN4eBNXT_zE5yLCLCXPMm1L1EHe8Bu33FV5KVC-6Sn_mdvf-9GDzsQiKwkELu_jTPT4ehmptm4NZkv5LyrR-OyTBclGzoKTIWD59NOHvjdQgtl2TYN-NIo3A6khrjih2DqNGMBzjN8GbPF7LyHj2TAyFuy6TusDO7XDE8WnN-XB3PGTizR-cUzZj2opn30ZbeEt5V_9aCLBbL8VY-N_3V8ecnw1APJequ2OfMAf1Afe8PmGjEYMADeTFv30PmePA647GbvZTe1xHeHxROEjbTLssamlMUTXO0bc-LDJyEvfsruxF8PURqvumKs3KN3f-dNhtx-l5KhujdVDJukGUPB5tCW94JKHAcd8NG4AQBgAai2eOBtKa2xO8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_08mX0g3h0dV-C29KQt3BhOHTrEeQ&client=ca-pub-8188431425509997&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Feb 2022 12:33:06 GMT

GET
H2 200 inside.js Show response
cdn.js7k.com/rq/iv/ Frame F16C 43 KB
14 KB 63ms
31ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/rq/iv/inside.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2040
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 14353
x-amz-id-2: drSISsYTgHjqGVV+A7xgva15P+bxZhOEfEE6FiEzv7YK5Io9AL1dmyDPy73WWcJ/i5Nl0MjpV2E=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Sep 2021 15:05:50 GMT
server: ATS
etag: "8ceeaab271ed688991789ed1090cb398-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1TG3NDEP34FP34C3
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d67766033ae4583af9d7273bb6d7773b18b8714e5b0a8cc6623c70f6af2b3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39621
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 133ms
49ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H3

200

activityi;dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame C672
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww....

409 B
361 B

90ms
56ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

6108764c2e0f2747071b02f29101bdde87684d1a6e3504e6e709ef486e3f78c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Feb 2022 12:12:55 GMT
expires: Mon, 14 Feb 2022 12:12:55 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Feb 2022 12:12:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame F16C 565 B
849 B 30ms
28ms Image
image/png 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png

Requested by

Host: a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
URL: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 13 Feb 2022 19:50:23 GMT
x-content-type-options: nosniff
age: 58953
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 565
x-amz-id-2: iT/d4sgbmATOhzFdfUbrMLeuapo+ahgBCLs0xMj9uBP5rCAK1mL9Cm0sbzX4fGh6/EpSxN/fK34=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Jul 2020 18:15:42 GMT
server: ATS
etag: "349bad1100a940608cb9109eb2b166a2"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: QCQZ1EW7A0BRZJR2
x-xss-protection: 1; mode=block
cache-control: max-age=15552000, public
x-amz-version-id: null
accept-ranges: bytes
content-type: image/png

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame F16C 41 KB
17 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 14:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 14:25:43 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 121ms
120ms Script
application/javascript 2a02:26f0:fb:5aa::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5aa::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
442 B 124ms
58ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=3940015204136102&vrg=2022020801&nw_id=58580620&nslots=8&eid=31064151%2C676982961%2C31064018&pub_url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&qid=CJ_P57CV__UCFcGgdwod2g0M2A&iu=58580620%2Fthestar.com%2Fhomepage&e=0&ret=728x90&req=728x90&bm=0&efh=1&stk=0&ifi=8

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B22262727.276130212;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=716780864;ord=ttml4i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCbvXURkcKYp-UOMHB3gPam7DADaCA3Ktc... Show response
ad.doubleclick.net/ddm/adi/N955713.3624834DISPLAYVERIZONMED/ Frame 3AAF 53 KB
25 KB 68ms
68ms Document
text/html 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N955713.3624834DISPLAYVERIZONMED/B22262727.276130212;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=716780864;ord=ttml4i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCbvXURkcKYp-UOMHB3gPam7DADaCA3Ktc-q22heoGwI23ARABIABg_YKRhOgRggEXY2EtcHViLTgxODg0MzE0MjU1MDk5OTfIAQngAgCoAwGqBI4CT9DGN4eBNXT_zE5yLCLCXPMm1L1EHe8Bu33FV5KVC-6Sn_mdvf-9GDzsQiKwkELu_jTPT4ehmptm4NZkv5LyrR-OyTBclGzoKTIWD59NOHvjdQgtl2TYN-NIo3A6khrjih2DqNGMBzjN8GbPF7LyHj2TAyFuy6TusDO7XDE8WnN-XB3PGTizR-cUzZj2opn30ZbeEt5V_9aCLBbL8VY-N_3V8ecnw1APJequ2OfMAf1Afe8PmGjEYMADeTFv30PmePA647GbvZTe1xHeHxROEjbTLssamlMUTXO0bc-LDJyEvfsruxF8PURqvumKs3KN3f-dNhtx-l5KhujdVDJukGUPB5tCW94JKHAcd8NG4AQBgAai2eOBtKa2xO8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08mX0g3h0dV-C29KQt3BhOHTrEeQ%26client%3Dca-pub-8188431425509997%26adurl%3Dhttps%3A%2F%2Fpr.ybp.yahoo.com%2Fcj%2Fcd%2FAHHofuxjSPQPt-4oKtx_E2r3QfXb7e71-WgPv6rUrSts8C9-BDP2zCljeptUnqZpbg0f6PIsMNZulnYxyghZErpTI_apN9VcP4hfGma_yjGlaPZfzKWTxkg1aYGamXQokxUfzOnQZAwlg-ptVtV7vA4KD5O345RPDuK4_mQDdnvHFWmZo0DQknYY5WrfWf7YR2V9psn8YaVXPM8GdOwXrxygJM172Hi6mLs2ScPW5JV-fVfPgZTBp2ieT1PB6mTY704-TAhi_UUhb29one4s3YpImho5G41J%2Frurl%2F;dcopt=rcl;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.thestar.com%2F$0;xdt=1;crlt=RDZc1tD_(!;sttr=207;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

f443c5b39c353b9b95a5ea400fd34e85afb5c525ff6cf76ca58a43ea911cf533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Feb 2022 12:12:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 25421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
2 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1644840777805&cv=9&fst=1644840777805&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c9c8f224f63930e1d0216b73870ab0c2ad299e7f8dfb5d90284d04f28c363cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
731 B 121ms
51ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612846434758&cb=1644840777812
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPU5EaGpOVGN3TURrdFpXWXdNaTAwWmpRM0xXSXpOakV0TldJNFpEQTJPV1F4WTJFdw
x-pinterest-rid: 1050096337783695
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame C672 42 B
63 B 96ms
63ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CJfgobGV__UCFVhQGwodTfcP9g;src=10230056;type=ret01;cat=land01;ord=4836858283230;gtm=2od290;auiddc=557172059.1644840777;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F16C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 172295287b738828a501d8047a3f13070332a5945ac48ca228e51b50c3532c37

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
95 B 53ms
53ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644840777883
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1300137113199927
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame ECE9 0
18 B 59ms
29ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.thestar.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Mon, 14 Feb 2022 12:12:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame 3AAF 8 KB
3 KB 69ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N955713.3624834DISPLAYVERIZONMED/B22262727.276130212;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=716780864;ord=ttml4i;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCbvXURkcKYp-UOMHB3gPam7DADaCA3Ktc-q22heoGwI23ARABIABg_YKRhOgRggEXY2EtcHViLTgxODg0MzE0MjU1MDk5OTfIAQngAgCoAwGqBI4CT9DGN4eBNXT_zE5yLCLCXPMm1L1EHe8Bu33FV5KVC-6Sn_mdvf-9GDzsQiKwkELu_jTPT4ehmptm4NZkv5LyrR-OyTBclGzoKTIWD59NOHvjdQgtl2TYN-NIo3A6khrjih2DqNGMBzjN8GbPF7LyHj2TAyFuy6TusDO7XDE8WnN-XB3PGTizR-cUzZj2opn30ZbeEt5V_9aCLBbL8VY-N_3V8ecnw1APJequ2OfMAf1Afe8PmGjEYMADeTFv30PmePA647GbvZTe1xHeHxROEjbTLssamlMUTXO0bc-LDJyEvfsruxF8PURqvumKs3KN3f-dNhtx-l5KhujdVDJukGUPB5tCW94JKHAcd8NG4AQBgAai2eOBtKa2xO8BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_08mX0g3h0dV-C29KQt3BhOHTrEeQ%26client%3Dca-pub-8188431425509997%26adurl%3Dhttps%3A%2F%2Fpr.ybp.yahoo.com%2Fcj%2Fcd%2FAHHofuxjSPQPt-4oKtx_E2r3QfXb7e71-WgPv6rUrSts8C9-BDP2zCljeptUnqZpbg0f6PIsMNZulnYxyghZErpTI_apN9VcP4hfGma_yjGlaPZfzKWTxkg1aYGamXQokxUfzOnQZAwlg-ptVtV7vA4KD5O345RPDuK4_mQDdnvHFWmZo0DQknYY5WrfWf7YR2V9psn8YaVXPM8GdOwXrxygJM172Hi6mLs2ScPW5JV-fVfPgZTBp2ieT1PB6mTY704-TAhi_UUhb29one4s3YpImho5G41J%2Frurl%2F;dcopt=rcl;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.thestar.com%2F$0;xdt=1;crlt=RDZc1tD_(!;sttr=207;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 12:11:18 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3AAF 106 KB
38 KB 118ms
27ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 14:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Feb 2022 14:19:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3AAF 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 23:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Feb 2023 23:59:56 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 54ms
54ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1644840777805&cv=9&fst=1644840000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=2333138577&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.it/pagead/1p-user-list/698108511/ 42 B
548 B 123ms
53ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/pagead/1p-user-list/698108511/?random=1644840777805&cv=9&fst=1644840000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=2333138577&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8FCA 22 KB
8 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 13 Feb 2022 01:16:16 GMT
expires: Mon, 13 Feb 2023 01:16:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 125800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 s04185893172641 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.3-LBWB/ 43 B
348 B 36ms
35ms XHR
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.3-LBWB/s04185893172641

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 15 Feb 2022 12:12:56 GMT
server: jag
xserver: anedge-cdfbd77b-gxjt9
etag: 3532268671900745728-4619812318824060650
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 13 Feb 2022 12:12:56 GMT

GET
H3 200 PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FCA 35 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 07:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 07:33:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AAF 124 KB
38 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Feb 2022 12:12:56 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 73 KB
18 KB 63ms
30ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ef1714f189b5c28ac522075e5da29bd2f6c71da73988a6b3fe317baae30b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 18621
date: Mon, 07 Feb 2022 15:31:21 GMT
expires: Tue, 07 Feb 2023 15:31:21 GMT
cache-control: public, max-age=31536000
age: 592895
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AAF 0
524 B 143ms
71ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHhY7aBMPx3WZE_a-_dAiSUS5wuNrv_bDiwSjxDpVmiHd3YZr1Gj69GRmefNSKVNJB1Ni38brjzK6Zg7i5qhg-e2o59waWMjMYmtLy_tLfhUiFK1mv65zHMdVtAQMs9CQVVNAdSmYknRRgPnsfyJ-Y-SM&sig=Cg0ArKJSzITLhAflpkgoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=168&cbvp=1&cstd=165&cisv=r20220209.94954&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 349A 29 KB
10 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 06:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Feb 2022 06:12:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FCA 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BK4QaSEcKYs7QBMXL7_UPh-2KuAQAAAAAOAHgBAI&bg=!GRqlGl7NAAbAtJCDwLQ7ACkAdvg8WlEIDD6Budaz5MI-kn2K73LCVMcJxp-dfTS_BSNrtp0ZSi6JCwIAAAClUgAAAANoAQeZAzfHxY81McMmWkigqpYpmNLA3ZcRIyiII9Ljx_dRXmr6AHwzc2_bSce-S41-XzvIaoUJa6kKFjKSr6EGxRDPMKvywL6vNHQBV6RKtJ4hSHEUEvrdcDP9TX_UQ6ryR75yw8276L-PnoWM4uZs2KFe82RkOxLOWhZIjonluJtDoVkOePUQfh2jW3KXzEa2afQ-wHt6T9XYsPa1HcdvBifahjdAUfRCq_5FlzrUZ7Cvn4-smIKcdJfsU6HqzmBt-8wZSqMB8u_eGCzINzqbti5XRC9n7-Fxytlb4uzd1gF-Th_OZsb2pdZ3gZ_MpcQP4Oy9pDGRjphMPM05ftg_-qteDRIa4tu1y4MB-YQkIofm-cokwDPHWtcbcO7VZSc2qiftmgWcZmuTE7bmk9UpZKmliMhmTyngjkmp2ZDF4CNDJ1YmWPhkmA7FPudGsYds_uNKR4wU4SxWp3hp7ypelqkDgR-RIOE8HY0Ebmvc3EqqvlEMN93nKvXWJf6pNV7MhUJyg4DlRBe9f9Mt1lXYSHsKMlaef-01wypsHwCXZNkyMa1reTEYp4sSwkm34lUFYZTpqgjzwfq0cm31gXXh7T4Zuh7O2SmPFWA-4IA1ad-yBfVWAHNe1Z71de_tin9eLfijtdJAA-e8e6eP7TPJdo9hfLvOAWa55e7qaAZ_l-9b_pEhW-a_wMmTtzV1mJEP-SShwsayb-U0Dd2Sldt_Lo6P6Rt-Wzd1TDmR7xqmgNxzgNGl6W-sQV5cN0BCRhu9IpNs6J5u7O1LT8txbz0EMmwnQkcgxGcUxjFZZSNxV8iVlR3A61HL90fepqlu_5ogOJvW_2LAkkRR8JQRIMkMWzz6FACdCfhdM6hHkhJ_ZAv4AjzHqUVGutfd_qMuPv37Rlakr1M6bsKa3Z-BInhcb2QVr8VAyVo9OfOC5aEU7iP6eT75XfEG1w-rFRLT9MP4sYs4moE7hhySHDvIUW7jTJ50mBdEdpyef5cD6DPooRbek6nIeuUyj4mishi9x1B7hkr-2qnSy52HGQmgXHJ1hxvnNusz8yg1FWkI6ReIMgFK7kIY0SHV7-PXKBmeODXwb5_TSeedgUR0OL1e

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AAF 0
23 B 116ms
70ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHhY7aBMPx3WZE_a-_dAiSUS5wuNrv_bDiwSjxDpVmiHd3YZr1Gj69GRmefNSKVNJB1Ni38brjzK6Zg7i5qhg-e2o59waWMjMYmtLy_tLfhUiFK1mv65zHMdVtAQMs9CQVVNAdSmYknRRgPnsfyJ-Y-SM&sig=Cg0ArKJSzITLhAflpkgoEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&vt=11&dtpt=160&dett=3&cstd=165&cisv=r20220209.94954&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 728x90_7.png
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 5 KB
5 KB 28ms
27ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/728x90_7.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d8cc4215a9a87d7b90f035aaecf76ec15b588fbf3e3a4c0a41c823ebb9549c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:31:21 GMT
x-content-type-options: nosniff
age: 592895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4781
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 15:31:21 GMT

GET
H3 200 728x90_6.png
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 2 KB
2 KB 33ms
32ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/728x90_6.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9804a116d9296fc71f2b777a40be50de55f5a164fa64934e272b8093f3b7ef48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:31:21 GMT
x-content-type-options: nosniff
age: 592895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1893
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 15:31:21 GMT

GET
H3 200 2_3.png
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 1 KB
1 KB 34ms
33ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/2_3.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a063af802fff5e9f39fe5924fd5283cb814a5e8294da045eda7367294bc541

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:31:21 GMT
x-content-type-options: nosniff
age: 592895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1459
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 15:31:21 GMT

GET
H3 200 1_2.png
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 4 KB
4 KB 30ms
29ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/1_2.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34b1c3ca2a3826fc27d409d731ec5f600272e654e813910a7f9d338548e7242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:31:21 GMT
x-content-type-options: nosniff
age: 592895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3825
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 15:31:21 GMT

GET
H3 200 728x90_2.png
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 1 KB
1 KB 33ms
32ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/728x90_2.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99b1c817a97ae65b52a5a6fc46c4d0321e963efd13ec649d5ed79e5365dc31b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:31:21 GMT
x-content-type-options: nosniff
age: 592895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1430
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 15:31:21 GMT

GET
H3 200 728x90_3.png
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 5 KB
6 KB 28ms
27ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/728x90_3.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5e958821690fe722860107ef48759a5dbceed821d061a488d220dfe6c0ee8a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:31:21 GMT
x-content-type-options: nosniff
age: 592895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5617
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 15:31:21 GMT

GET
H3 200 728x90_1.png
s0.2mdn.net/sadbundle/17534218393404671665/ Frame 349A 1 KB
1 KB 34ms
34ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17534218393404671665/728x90_1.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aeefeffe21d5f27ba2c05d4f65483270fcaded4bf9daf33ed11e837b6b45d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17534218393404671665/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:31:21 GMT
x-content-type-options: nosniff
age: 592895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1199
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 16:24:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Feb 2023 15:31:21 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 073E 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBics_AXPo_gl2uq47DPqhMwiAUmJ2m1o3EQO1LMJjk-W0UhoCx6k79mNDyKPTcIZso_b4-9HDU20F2TfHUjkOXNOHe1JyLOimPuoKGa2RF1PwJ-U74Q&sai=AMfl-YQoMu8xuOvD1xYSbQVJloAx_UvTZP9hMGKGgPI8NIbh6AX132WxsSDQ2k7KomknApwqPVWUAh0o-F6tmTXJhqTDfF1ciYTaevkBOzDfVwiDno17TnY0DwuoYAEeHwa0O-rqk-MZvgSvImXE_3wbafWL&sig=Cg0ArKJSzJlx90LmHS2vEAE&cid=CAASPeRoj10VX8d85LPcaGUkdvsLX9RkML94kK1wwLAuRAzrnA_THsn6LKPAHWWpgjh7CtFkmoU8vNjyy1jhkho&id=ampim&o=1047,997&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=444&tls=1445&g=81.19999766349792&h=81.19999766349792&tt=1445&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1330620275

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F16C 42 B
64 B 104ms
58ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHyUKyZxWWTBNvr2ZVB6pU91Pbn6hRJlVRfr_LJ3vCeDnjtuYn1790BMk055nL4jqFiAiJ4Wasa7nbaLe_9saPWg&sig=Cg0ArKJSzF_KaTB6BoXaEAE&id=lidar2&mcvt=1000&p=10,436,104,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1887631228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644840777116&rpt=755&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 yv
beap-bc.yahoo.com/ Frame F16C 43 B
306 B 60ms
58ms Ping
image/gif 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://beap-bc.yahoo.com/yv?sek=4745360592691770709:1644840775074&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=7Xybm86eHGniJYceJgZjaPFrYSBmb2bTm2kvk8yCYwOivcI2uXrjuHaXDEZ_B6EITEPa3mmavuAkjJBGlmhiTu2vN8DcCl4TE-nih1cyEi2qWD3Nlmb9umgRThBE8ZlkQLJC2ti7fnbd5jl9jXdTxQfZ6w9RuSCIO_SMGGi3CeBPip0OhKm_39b4T5YCIB9zHTIb4r3QPrp3gCBU-2kNsB5HXjVUeMlt&iv=96&v=1&m=2&r=1644840778915&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7

Requested by

Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:57 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-xss-protection: 1; mode=block
cache-control: no-cache, private
content-type: image/gif
content-length: 43
x-content-type-options: nosniff
accept-charset: utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3AAF 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssRnYiQDV6X0PBhHh2bSYpSJP6HED5JyhpVwLCEo6thNeX6nDow9JwgviMpw8JSpFCqofJV6B__VpGTBCMedTDo0OPK2gRAeQA&sig=Cg0ArKJSzPKPpGKKwD1_EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=716780864&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644840777795&rpt=406&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 261ms
261ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

77cd5b400b171e38d18c72be8020c15fe977ef4c59e73b1fa797d45dfc8fa8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"ba88aaf7efc4636694e77b2a7ad99bf73ea943d6"
xip: 168.119.68.251
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-prod-zrh4-web3
grace: none
content-length: 725
x-feeds-fv: feeds-prod-vie1-var-il
last-modified: Mon, 14 Feb 2022 11:16:52 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 207904497 206818263, 918012060 917746751
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3594
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh4_web3
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:16:57 GMT

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 3 MB
198 KB 448ms
447ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) / PHP/7.4.22

Resource Hash

81c61a6decf92624f849e555b8d2c56b3a1e0d51bfa10ac3e9ba8fb55e51ca12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"7b7bf65ba65e7ce016a4313ba28221fbbfa8a7d9"
xip: 168.119.68.248
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-narlgiqb
grace: none
content-length: 201738
x-feeds-fv: feeds-prod-euc1-fvauto-0b5a3c37e62d949d1
last-modified: Mon, 14 Feb 2022 11:45:56 GMT
server: nginx/1.18.0 (Ubuntu)
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1039921287, 764515432 764675871
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=18
xyolo
access-control-max-age: 10800
x-sbe: feeds_web04
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 11:46:17 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 638ms
637ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

521e24807293eb4e4b0763969517f0c36ee2754403187190a5f05c7f6ae279b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"9b6db1875ff12b99ab984761cffe79281f79d6c8"
xip: 2001:ac8:24:44::18
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-qryhirqv
grace: none
content-length: 602
x-feeds-fv: feeds-prod-vie1-var-lp
last-modified: Mon, 14 Feb 2022 12:09:57 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 298047503 287378009, 900600650 899747548
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web07
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:14:57 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
132 B 34ms
34ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 1443775e8e8588cd0d46feb8d53643ab8d45465c2f4fb7d569ce487e627be178

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:58 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
via: 1.1 google

GET
H2 200 90903 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 11 KB
3 KB 155ms
155ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/90903

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

59e0b0f64a00b0ca5cf185408429fb5bb00bc10a6b283e40ed957a83a589baa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"cd377ebf4e0fa9c1e7c6b87e6d8895f7e3c70c18"
xip: 2001:ac8:24:44::18
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ldtjwkwc
grace: none
content-length: 2207
x-feeds-fv: feeds-prod-vie1-var-se
last-modified: Mon, 14 Feb 2022 12:12:22 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 140145949 145033497, 247286008 510433656
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web01
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:12:42 GMT

GET
H2 200 3685.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 237ms
52ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3685.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1a3b"
x-varnish: 279656899 279503304
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6715
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3689.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 234ms
49ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3689.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-17cf"
x-varnish: 279806322 279583028
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6095
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3681.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 213ms
28ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3681.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1b03"
x-varnish: 179636130 178672025
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6915
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3676.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 213ms
29ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3676.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1707"
x-varnish: 147970012 155811730
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5895
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3693.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 231ms
46ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3693.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-198d"
x-varnish: 144560209 144247380
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6541
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 794340.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 242ms
58ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/794340.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 23 Sep 2021 14:22:12 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "614c8d94-1299"
x-varnish: 285683864 285350732
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4761
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3686.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 31ms
31ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3686.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1af6"
x-varnish: 165476143 164898271
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6902
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3696.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 41ms
41ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3696.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1327"
x-varnish: 288543455 287528121
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4903
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 31647333 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 125ms
124ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647333

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

098a107590aad1c9f618a55473c9044a9747ea3576db475ba4954fa22a754a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"cc2d7b007a1ad9de960dfb4599e0a35a23a04692"
xip: 168.119.68.248
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ldtjwkwc
grace: none
content-length: 1703
x-feeds-fv: feeds-prod-vie1-var-rg
last-modified: Mon, 14 Feb 2022 11:45:05 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 142413717 83590132, 722997596 603612036
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web01
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:45:05 GMT

GET
H2 200 31647335 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 204ms
203ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647335

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

cd0fdc1ce17de8870ab1025bdd0751ad0d4632bf7dddb4f09618587e6d1890b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"08bc15c3c4ce67105cd69fbfae7adefaff0be000"
xip: 168.119.68.187
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-dergvdbg
grace: none
content-length: 1731
x-feeds-fv: feeds-prod-vie1-var-jf
last-modified: Mon, 14 Feb 2022 11:36:06 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1040580134 1041849960, 831259368 584935219
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web02
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:36:06 GMT

GET
H2 200 31647337 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 271ms
271ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647337

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

034d8b0ad6be06a2b0ab91b83f2877e18239f340112417e4729689728f790b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"731948c1393a32882b762e40a650023a23962476"
xip: 168.119.68.187
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ixniufmx
grace: none
content-length: 1708
x-feeds-fv: feeds-prod-vie1-var-se
last-modified: Mon, 14 Feb 2022 11:36:32 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 20415418 12584841, 508819744
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3596
xyolo
access-control-max-age: 10800
x-sbe: feeds_web12
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:36:35 GMT

GET
H2 200 31647339 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 343ms
343ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647339

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

0a2fc84e8dedb434e4de04443303d74daed3bb479303f76f73ff8eb28ff30b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"75893c1a01fcc814815f7759ee2758c88bbfcdc1"
xip: 185.212.169.100
x-srv: fishnet-prod-feedsbackvar07
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-gogkqhag
grace: none
content-length: 1713
x-feeds-fv: feeds-prod-vie1-var-kn
last-modified: Mon, 14 Feb 2022 11:22:23 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 537431238 535568650, 730138898 728494371
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web11
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:22:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
47ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1644840773733&de=149164139775&rx=606547873271&m=0&ar=944fd8091a1-clean&iw=60a2507&q=1&cb=0&cu=1644840773733&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&ac=1&it=500&pe=1%3A1055%3A2348%3A0%3A1082&fs=196859&na=785822550&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Feb 2022 12:12:59 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 91 B
300 B 263ms
160ms XHR
application/json 54.194.29.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.29.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-29-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c52010cca25751623a2c5a31a634411c1e8aef71dd342b7cc070ec8a9bea04ba

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 91
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 50ms
50ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

977b9fcc428d7679f6331d532930753d56bfd69a4b9ff5e3131ee313f61f284c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9743
x-xss-protection: 0

GET
H2

200

ct.html Show response
www.pinterest.it/ Frame 999F
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.it/ct.html

413 B
4 KB

214ms
213ms

Document
text/html

2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

f264c3506d22e3fc59a947d981079993955d3b85fe7e8bdefd8479865a4f92d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-3581198aabeb31ecbca9317e0e6dbd5b' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1181758597895988; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-3581198aabeb31ecbca9317e0e6dbd5b' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1181758597895988; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-3581198aabeb31ecbca9317e0e6dbd5b' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 95
pinterest-generated-by: coreapp-webapp-prod-0a01199f
content-encoding: gzip
pinterest-version: a494082
referrer-policy: origin
x-pinterest-rid: 1181758597895988
date: Mon, 14 Feb 2022 12:12:59 GMT
content-length: 278
akamai-grn: 0.7599645f.1644840779.23ce703b
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.it/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 193
pinterest-generated-by: coreapp-webapp-prod-0a0116dd
content-encoding: gzip
pinterest-version: a494082
referrer-policy: origin
x-pinterest-rid: 3712487675744453
date: Mon, 14 Feb 2022 12:12:59 GMT
akamai-grn: 0.7599645f.1644840779.23ce6fa1
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 50ms
16ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:59 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 96ms
49ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:58 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F4BB60CA5CEE43B4BDCF70397DD93FE3 Ref B: ZRHEDGE0815 Ref C: 2022-02-14T12:12:59Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 101ms
26ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c23c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c23c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=12085
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H3 200 B24540798.279406836;sz=1x2;ord=926050806644 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 31 KB
11 KB 56ms
56ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=926050806644?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

449d89ee54d8a208708e2ab03906d26ac79be0cb1c08c06dbdb826606759791b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11528
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
34 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57d59994d40bdfa1c636d5066c937f11bd7142e0a313e4cd5d7ba0834a388e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:59 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35095
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:59 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
117 B 146ms
145ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a681a1ce-1e1a-42af-928a-ec78ae552bd8&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 14 Feb 2022 12:12:58 GMT
content-encoding: gzip
server: tsa_f
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5b2305d6207d76f03beef303dad79e5fca6652763528ebcd2975c5a035b4915c
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
97 B 143ms
143ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=a681a1ce-1e1a-42af-928a-ec78ae552bd8&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 103
date: Mon, 14 Feb 2022 12:12:58 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 6a206228d4f08ebfdc9c03440856ddb7d65ea43a6ee1b0296e5d2d23ae1738a0
content-length: 43

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 44ms
43ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:58 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 42ms
42ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Mon, 14 Feb 2022 12:12:58 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 30ms
29ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-DaqaxDFvVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-7pu29h1deVpMDA%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1644840773733&de=149164139775&rx=606547873271&cu=1644840773733&m=7064&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11700&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1055%3A2348%3A0%3A1082&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=1801813355&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Feb 2022 12:12:59 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 195ms
195ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Feb 2022 12:12:59 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 163ms
129ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1644840780899&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=8da37149-eee1-4273-9602-7d79e81ef617&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:59 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ 8 KB
3 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=926050806644?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 12:11:18 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ 0
23 B 70ms
70ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvitZ-3K8NYztIy9gEcGFx_WhMx43RNWAZHPsCn5eV1S_eBSQDzalAC7wlYcGd0c2J3U4Jcebm7mIAwbkHT4OG26Xr0tayC9o7ihQjCdEuz9Prr96LZxWTX9J7W4EIpGZyaJS55HnRcooLDNdpRdq4&sig=Cg0ArKJSzImBRvWv2pXdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220209.34062&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=926050806644?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 13008914.js Show response
bat.bing.com/p/action/ 681 B
748 B 152ms
152ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/13008914.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: 9ac58b9f097c595de382b6fd0c1bf9e245ae88e0d336e312f1b4e9ac4463e4ea

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D64FEE1C712442F099FC794205E25F35 Ref B: ZRHEDGE0815 Ref C: 2022-02-14T12:12:59Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 579

GET
H2 204 0
bat.bing.com/action/ 0
173 B 49ms
49ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13008914&tm=gtm002&Ver=2&mid=76a75a20-743b-4b30-97dc-dc55ca90ee3e&sid=741c28e08d8f11ec9df355accc118332&vid=741c59108d8f11eca2c26ff441240152&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=7935&evt=pageLoad&msclkid=N&sv=1&rn=238069
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB5762967936446599E66DF1B501DC31 Ref B: ZRHEDGE0815 Ref C: 2022-02-14T12:12:59Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1644840780953%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQIZ5YsjL1PX6wAAAX74Jn9VvZkHLS3bQIptDVKE1rQE...

0
156 B

356ms
128ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQIZ5YsjL1PX6wAAAX74Jn9VvZkHLS3bQIptDVKE1rQEkmlDJz3qdi5yB7B2-VhPYzmJeQ
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:59 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: YMbfgPml0xZQaHZk+SoAAA==

Redirect headers

date: Mon, 14 Feb 2022 12:12:59 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EF8B42422AB541A1B53C554A6ECFE2CE Ref B: ZRHEDGE0517 Ref C: 2022-02-14T12:12:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840780953&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQIZ5YsjL1PX6wAAAX74Jn9VvZkHLS3bQIptDVKE1rQEkmlDJz3qdi5yB7B2-VhPYzmJeQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXX+VZhDzvCnfrfvhmBFg==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 728F 13 KB
5 KB 36ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Feb 2022 11:27:07 GMT
expires: Tue, 14 Feb 2023 11:27:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FD63 783 B
537 B 36ms
36ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d9fe28e320247a285d58abc319a07d0aa1dd06cc410ca6d0a7e5772c0557e348

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M5Uf89K0P2ZYG5FZh0lWPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 14 Feb 2022 12:12:59 GMT
date: Mon, 14 Feb 2022 12:12:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-M5Uf89K0P2ZYG5FZh0lWPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.32/ 53 KB
23 KB 352ms
117ms Script
application/javascript 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/13008914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:59 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=25BC2D46511C489189A85CC59E851A98&RedC=c.clarity.ms&MXFR=33CA9CECD4D662680F2C8DA7D0D66CE1
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25BC2D46511C489189A85CC59E851A98&MUID=15D283BF3ADD63341CB992F43B2C62AE

42 B
464 B

179ms
179ms

Image
image/gif

40.91.78.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25BC2D46511C489189A85CC59E851A98&MUID=15D283BF3ADD63341CB992F43B2C62AE
Protocol: H2
Server: 40.91.78.9 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
last-modified: Thu, 13 Jan 2022 19:51:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3bc6e26b78d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DD2DF5E371254B029E4F64EA1C7A24D3 Ref B: ZRHEDGE0815 Ref C: 2022-02-14T12:12:59Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=25BC2D46511C489189A85CC59E851A98&MUID=15D283BF3ADD63341CB992F43B2C62AE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD63 0
0 74ms
74ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=3940015204136102&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js Show response
pagead2.googlesyndication.com/bg/ Frame 728F 35 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 07:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 07:33:43 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 728F 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 61ms
61ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=3940015204136102&bg=!R0SlRADNAAbAtJCDwLQ7ACkAdvg8WunobzoFhlxBrsRQaFc7CfQod5Dd_DrwKetAEMLwMfmNvr8bkgIAAAB8UgAAAAZoAQeZArrTUHNMGm3wmn4FX2ctYH9tb7iWl1bnHiS8vgZihl4_tSAgxzZzXTLBP8HV8it9aP3SWt0lSm4Eh0kNFttSQiAgjm7irurSpNCugMDxOzs6XCpEipWH4LA60-srxG8BIgCSB4ZpT4eHw17gVk9DTc1lpwPqLY6MwsOM6-W40QMG-6ORmaHAx0uZSlAe_aVpn6-tVeZeStSLSxA5W5y6Wu49WXDkOKt60fCZlFINJ4aNMAkqNQE5vrFHGNI2sZOYanHIcIYfK6gh5teXgFwYSTxTdyB9Ys6KuhCR6PYm1B1yyK-eMKq7UOxZm2wrkUu0e0GvilHSerFHLNEv76wyTBGsiC05tbbJkCaEC6VPTYENNWWe5txpdTPWdVW6LYgPeD-z_N-1k7PSWkBrkFKpl7eZYywqrj3u_cKH9HysmsaIGrDNW-iprVwb3Cwj7CG4SPKEAmsroDdNBqBwNRXYtPzqU2k5FYlWi1VX9eQcsQrZSiNcLOBvUDQm5oYWyns6ZEYTGQpjQEfHVoUaFpTuZkj7u4OT3Z06rJm5V3_b6JAUqt5rAqYnUyEEd60OlPz0oyDmDH4iBb5meYM5QltGTdFU0oMwmhd0VfGHeZ21fLgHQTqQ-AYSVr4lPQ-6vwPRUafIo3pwYUHrds64Vdd8PHUcm0XmZwiXBcuJN8C0AVuXCU0xvKxoVbcPevK1xlx9smaR4ELmfd5n0YyQXxkqdTSNBCtURqHXaJ474Uc3thmls4Kpd0WrVUKeBEr8ZnWAoY0OladFHl0ILA9dghN1RvTyYcP9m-XpAQ1n_VCGMOMyk-V-PFx9ckdjQXNSco83CJB2pOlzxCXPf0u5JYxNCuSEDnx0uKKF5LPK9Vs7jxuenUt53zUO2eV-MdX9TT4zOMo5BM5VeG_sT46TafbJgBb_E-otCtBWBxEtcw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
www.pinterest.it/_/_/csp_report/ Frame 999F 0
4 KB 156ms
155ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/_/_/csp_report/?rid=1181758597895988

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-e51edfef6cd0803ba8b2d56cbaed71bf' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2606940275852197; frame-ancestors 'self' , script-src 'nonce-e51edfef6cd0803ba8b2d56cbaed71bf' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2606940275852197
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.it/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-e51edfef6cd0803ba8b2d56cbaed71bf' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2606940275852197; frame-ancestors 'self' , script-src 'nonce-e51edfef6cd0803ba8b2d56cbaed71bf' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2606940275852197
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.7599645f.1644840779.23ce70d2
content-security-policy-report-only: script-src 'nonce-e51edfef6cd0803ba8b2d56cbaed71bf' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 33
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 2606940275852197
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a494082
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 12:12:59 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0119b1

POST
H2 204 /
www.pinterest.it/_/_/csp_report/ Frame 999F 0
4 KB 240ms
238ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/_/_/csp_report/?reportonly

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-76c56b15aa2d5b25523ab045409ea170' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1407652214943566; frame-ancestors 'self' , script-src 'nonce-76c56b15aa2d5b25523ab045409ea170' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1407652214943566
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.it/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-76c56b15aa2d5b25523ab045409ea170' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1407652214943566; frame-ancestors 'self' , script-src 'nonce-76c56b15aa2d5b25523ab045409ea170' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1407652214943566
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.7599645f.1644840779.23ce70d3
content-security-policy-report-only: script-src 'nonce-76c56b15aa2d5b25523ab045409ea170' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 89
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1407652214943566
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a494082
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 12:12:59 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011004

POST
H2 204 /
www.pinterest.it/_/_/csp_report/ Frame 999F 0
4 KB 176ms
175ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/_/_/csp_report/?reportonly

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-ae9e894873f0f8a07745b770e77e0a44' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1319724321595037; frame-ancestors 'self' , script-src 'nonce-ae9e894873f0f8a07745b770e77e0a44' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1319724321595037
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.it/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-ae9e894873f0f8a07745b770e77e0a44' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1319724321595037; frame-ancestors 'self' , script-src 'nonce-ae9e894873f0f8a07745b770e77e0a44' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1319724321595037
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.7599645f.1644840779.23ce70d7
content-security-policy-report-only: script-src 'nonce-ae9e894873f0f8a07745b770e77e0a44' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 53
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1319724321595037
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a494082
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 12:12:59 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a01102e

POST
H2 204 collect Show response
d.clarity.ms/ 0
70 B 123ms
123ms XHR
text/plain 40.76.174.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Mon, 14 Feb 2022 12:12:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
131 B 34ms
34ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 85f1f34b7fe22a62a28d7c34f1cef71f3206e9b60009a439843e40918b141383

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:13:00 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
via: 1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?BF2AOA

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e377.thestar.com/DG/DEFAULT	1970-01-20 10:30:00	Name: BCSessionID Value: cf530396-d681-4666-a34b-59aaf95640c1
torstar.blueconic.net/DG/DEFAULT	1970-01-20 09:39:36	Name: BCSessionID Value: cf530396-d681-4666-a34b-59aaf95640c1
www.thestar.com/	1970-01-20 09:39:36	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 09:39:36	Name: last_visit_bc Value: 1644840773340
.thestar.com/	1970-01-20 09:39:36	Name: bc_tstgrp Value: 3
.thestar.com/	1970-01-20 09:41:03	Name: _vwo_uuid_v2 Value: DA7E155D6B7CEDE89E85B0EFD62AED69E\|3c3db07b9522e8fbb436ee35a55e4a58
.thestar.com/	1970-01-21 03:12:15	Name: permutive-id Value: 9dbedc4d-9b14-42f6-acb3-c4bf7dd24df8
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 03:02:10	Name: pxid Value: 3ed86abf-b260-4b55-a887-290a089432d9
.thestar.com/	1970-01-20 03:18:00	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-23 16:30:00	Name: _vwo_uuid Value: DA7E155D6B7CEDE89E85B0EFD62AED69E
.thestar.com/	1970-01-20 00:54:02	Name: _vwo_sn Value: 0%3A1
.thestar.com/	1970-01-20 03:03:36	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A-1%241644840771%3A49.81572034%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A1
.t.co/	1970-01-20 18:25:12	Name: muc_ads Value: e9f9a817-127b-4eda-809c-93bf71909204
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.twitter.com/	1970-01-20 18:25:12	Name: personalization_id Value: "v1_tA9zazbmkMHn78/ilaM0Nw=="
.demdex.net/	1970-01-20 05:13:12	Name: demdex Value: 76553084876567545331039792265391362160
www.thestar.com/	1970-01-20 01:37:12	Name: AccessToken Value: idv2kzmnq8b56pwvr7kha2by1mectljoif
www.thestar.com/	1970-01-20 00:55:27	Name: ios-smart-banner-shown Value: true
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 19590c01-705b-451d-fcaa-31765e9e0f77
.thestar.com/	1970-01-20 09:39:36	Name: _ig Value: f9aaf937-e7ce-4d8e-fea8-68f3b8793bbc
.scorecardresearch.com/	1970-01-20 18:10:48	Name: UID Value: 1414f016041048a9529de211644840773
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1970-01-20 18:25:12	Name: s_ecid Value: MCMID%7C76516464615500737111036690920354384506
.everesttech.net/	1970-01-20 09:39:36	Name: everest_g_v2 Value: g_surferid~YgpHRQAAAHfNAwQS
.thestar.com/	1970-01-20 00:54:02	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1644840775278%2C%22slts%22:0}
.thestar.com/	1970-01-20 18:25:12	Name: _ga Value: GA1.2.1428096320.1644840775
.thestar.com/	1970-01-20 00:55:27	Name: _gid Value: GA1.2.1129704929.1644840775
.thestar.com/	1970-01-20 00:54:00	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 00:54:00	Name: _gat_UA-73335503-3 Value: 1
.dpm.demdex.net/	1970-01-20 05:13:12	Name: dpm Value: 76553084876567545331039792265391362160
.thestar.com/	1970-01-20 18:25:12	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19038%7CMCMID%7C76516464615500737111036690920354384506%7CMCAAMLH-1645445575%7C6%7CMCAAMB-1645445575%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1644847975s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19045%7CvVersion%7C5.3.0
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 10:23:24	Name: _parsely_visitor Value: {%22id%22:%22pid=6b857becc244a8d745c37e974b59deb1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644840775278}
www.thestar.com/	1970-01-20 09:39:36	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.adsrvr.org/	1970-01-20 09:39:36	Name: TDID Value: ff744ce6-f1aa-492c-b73b-7218b148e223
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1644840775851
.rubiconproject.com/	1970-01-20 09:39:36	Name: khaos Value: KZMNQ7Z6-13-3D7K
.rubiconproject.com/	1970-01-20 09:39:36	Name: audit Value: 1\|hLZGFuTafB3pQ/gU4WHf/1qbBgMWySGKaxJuuRhJfvf1WuVaZUhTAV7p5viM+XFwZ5DH12jhCRGScjHPe80SWMxuhZpbWKLt+XD9g38/+iI=
.adnxs.com/	1970-01-20 03:03:36	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2H`eu]3-f!@wnf-Te9(>wL5L!!'/K$UAb)
.adnxs.com/	1970-01-20 03:03:36	Name: icu Value: ChgI8ppSEAoYASABKAEwxo6pkAY4AUABSAEQxo6pkAYYAA..
.adnxs.com/	1970-01-20 03:03:36	Name: uuid2 Value: 6235083304850904000
.www.thestar.com/	1970-01-20 18:25:12	Name: ts_s_ecid Value: MCMID%7C76516464615500737111036690920354384506
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: cf530396-d681-4666-a34b-59aaf95640c1
torstar.blueconic.net/	1970-01-20 01:04:05	Name: AWSALBCORS Value: tP1gxMNkxXlNB9qGx7SSG6oF4gh24/nJCkQkbFYo799+f35EOH+PxD6+sy6l3wKdGnJTlqSqmou3bDGCSNDKdEh/I90qvs8uvlQOy1/fd09SkzNERVWTsanrb3vb
www.thestar.com/	1970-01-20 00:58:19	Name: digitalAccessOverlayStatus Value: nextPage
www.thestar.com/	1970-01-20 01:01:12	Name: digitalAccessOverlaySubscriberStatus Value: nextPage
e377.thestar.com/	1970-01-20 01:04:05	Name: AWSALB Value: AkUe8uusMqWUKIzZ03mMI+SAiStxSMWha/03VyOoS5sL778wJYMxr89QoErI7h/nU+9ZSVU9VeHooCaBdXTw5Qo8NnRVW4N2DEA/cztJOw1N1vrWOa1eUbCGLWwe
e377.thestar.com/	1970-01-20 01:04:05	Name: AWSALBCORS Value: AkUe8uusMqWUKIzZ03mMI+SAiStxSMWha/03VyOoS5sL778wJYMxr89QoErI7h/nU+9ZSVU9VeHooCaBdXTw5Qo8NnRVW4N2DEA/cztJOw1N1vrWOa1eUbCGLWwe
.thestar.com/	1970-01-20 10:15:36	Name: __gads Value: ID=f3277ac38bbdf634-22004b383fcd00f2:T=1644840774:S=ALNI_MbB56-jMwyuG3m_pcSC4NhO_3Oe9g
.doubleclick.net/	1970-01-20 10:15:36	Name: IDE Value: AHWqTUm9vsYDn2uTixunvsGnqluZ5hANj78I7WroBbeYbSZ93dBZWP8KKIh-gjfOBgg
.thestar.com/	1970-01-20 03:03:36	Name: _fbp Value: fb.1.1644840777309.1478664833
.facebook.com/	1970-01-20 03:03:36	Name: fr Value: 02qrIBnpCJd2cX8wJ..BiCkdH...1.0.BiCkdH.
.thestar.com/	1970-01-20 03:03:36	Name: _gcl_au Value: 1.1.557172059.1644840777
.thestar.com/	1970-01-20 09:39:36	Name: _pin_unauth Value: dWlkPU5EaGpOVGN3TURrdFpXWXdNaTAwWmpRM0xXSXpOakV0TldJNFpEQTJPV1F4WTJFdw
.thestar.com/	1970-01-20 01:37:12	Name: s_nr Value: 1644840778019-New
.thestar.com/	1970-01-20 09:39:36	Name: s_nr2 Value: 1644840778020-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 00:54:04	Name: DSID Value: NO_DATA
www.thestar.com/	1970-01-20 01:37:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thestar.com/	1970-01-20 03:03:36	Name: _rdt_uuid Value: 1644840780897.8da37149-eee1-4273-9602-7d79e81ef617
.bing.com/	1970-01-20 10:15:36	Name: MUID Value: 15D283BF3ADD63341CB992F43B2C62AE
.thestar.com/	1970-01-20 00:55:27	Name: _uetsid Value: 741c28e08d8f11ec9df355accc118332
.thestar.com/	1970-01-20 10:15:36	Name: _uetvid Value: 741c59108d8f11eca2c26ff441240152
.linkedin.com/	1970-01-20 01:37:12	Name: UserMatchHistory Value: AQLYJK85nqDodgAAAX74Jn4_ryenIHjDoVDboWXtzmyqxjp_Fl3cY6nJm3rdh3MO8kXIF06w8_4sEA
.linkedin.com/	1970-01-20 01:37:12	Name: AnalyticsSyncHistory Value: AQKK3IhI9VDy4wAAAX74Jn4_UJ3JW7K1NiZCmQmWlJS5x1y0_Y3EkIo3xruKAIdApslaFy-qSnlzNFyslUHwRQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:25:54	Name: bcookie Value: "v=2&066c8ac4-9111-45bb-8612-b5e69608da98"
.linkedin.com/	1970-01-20 00:55:27	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2536:u=1:x=1:i=1644840779:t=1644927179:v=2:sig=AQF8LJ3pSAsHJo96NrtYgfhDOKt0fDr7"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=it-it
.www.linkedin.com/	1970-01-20 18:25:54	Name: bscookie Value: "v=1&20220214121259b326c720-3a93-4e0a-833d-c067569250ddAQEXSgVs3cjHyhZ_rYRR-ROqcEwFsC-f"
.linkedin.com/	1970-01-20 18:00:00	Name: li_gc Value: MTswOzE2NDQ4NDA3Nzk7MjswMjHSvu5D86GeH3GA7MTL660F4KM0I6p4607Koij1d/6aow==
www.pinterest.it/	1970-01-20 09:32:24	Name: _pinterest_sess Value: TWc9PSZaek5kQlFocE1GSlZmeVVyOXRsVS95dU5NbVdaekN5cjBpNGxJc2lsdTUzUDlaM1Q1L3BxUDQyeVU1M2xORVhLZEhKaVVvVlpDYlFHWGZwcFNqVy9OS0hHVmVhMUJjemlZdkxqUHYwRCtDRT0maHNFMjhEMjlBRHFxVGhndGUzV0xKZVI2a3hRPQ==
.thestar.com/	1970-01-20 09:39:36	Name: _clck Value: 1hfh4yr\|1\|eyz\|0
.c.bing.com/	1970-01-20 10:15:36	Name: SRM_B Value: 15D283BF3ADD63341CB992F43B2C62AE
.thestar.com/	1970-01-20 00:55:27	Name: _clsk Value: 10trxn3\|1644840781853\|1\|0\|d.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:15:36	Name: MUID Value: 15D283BF3ADD63341CB992F43B2C62AE
.c.clarity.ms/	1970-01-20 01:04:05	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 00:54:01	Name: ANONCHK Value: 0

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 122) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 122) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.7190597654779454(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.thestar.com/api/overlaydatarule/2021-q1-shop-low Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056(Line 40) Message: Unrecognized feature: 'conversion-measurement'.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=926050806644? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=926050806644?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-3581198aabeb31ecbca9317e0e6dbd5b' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
a55df540d6aa10df6ecc9f1038cbf246.safeframe.googlesyndication.com
ad.doubleclick.net
adserver.pressboard.ca
adservice.google.com
adservice.google.it
alb.reddit.com
analytics.twitter.com
api.permutive.com
api.rlcdn.com
api.thestar.com
as-sec.casalemedia.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
beap-bc.yahoo.com
beijijngmedals.thecanadianpress.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.js7k.com
cdn.parsely.com
cdn.petametrics.com
cm.everesttech.net
connect.facebook.net
ct.pinterest.com
d.clarity.ms
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
data.ontario.ca
dev.visualwebsiteoptimizer.com
dmx.districtm.io
dpm.demdex.net
e377.thestar.com
elb.the-ozone-project.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.districtm.io
htlb.casalemedia.com
ib.adnxs.com
images.thestar.com
img.sportradar.com
js-sec.indexww.com
match.adsrvr.org
mb.moatads.com
misc.thestar.com
p1.parsely.com
pagead2.googlesyndication.com
platform.twitter.com
pr.ybp.yahoo.com
prebid.the-ozone-project.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
resources.thestar.com
s.pinimg.com
s.thestar.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sejs.moatads.com
snap.licdn.com
sr.studiostack.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
torontostar-d.openx.net
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
unpkg.com
uswidgets.fn.sportradar.com
vguamh182d.execute-api.us-east-1.amazonaws.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.pinterest.com
www.pinterest.it
www.redditstatic.com
www.thestar.com
z.moatads.com
tpc.googlesyndication.com
104.16.68.69
104.244.42.133
104.244.42.195
108.157.4.110
108.157.4.38
108.174.10.14
13.36.218.177
142.250.185.98
142.250.74.194
142.250.74.198
143.204.98.123
143.204.98.39
151.101.0.84
151.101.1.140
151.101.12.157
151.139.128.11
158.101.193.104
172.217.16.130
18.215.5.235
18.66.107.43
18.66.109.174
18.66.242.164
18.66.242.202
18.66.245.59
18.66.248.22
18.66.248.24
18.66.248.75
185.33.220.240
2.21.141.169
2.21.141.232
2.21.143.57
23.0.33.234
2600:9000:224a:d400:b:bed1:3e80:93a1
2602:803:c004:200::140
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:7baf
2606:4700::6812:451
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c01::9d
2a02:26f0:ef::5c7b:c23c
2a02:26f0:fb:5aa::1931
2a02:26f0:fb::5f64:9951
2a02:26f0:fb::5f64:9969
2a02:26f0:fb::5f64:996a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:600::396
3.33.220.150
3.91.210.140
34.107.254.252
34.120.133.55
34.240.134.29
34.254.48.82
34.96.102.137
35.190.14.224
35.241.9.51
35.244.159.8
37.252.172.249
40.76.174.66
40.91.78.9
51.104.28.77
52.139.4.139
52.205.167.202
52.212.232.57
52.28.203.152
54.194.191.134
54.194.29.203
65.9.78.2
0060d2dda7b23b9d68885f719c220efc1e787a7c9dfb017bbefda9ac6a133175
01cffdff6aab482bfe1b1c63e467769336e0a4016146a581d091a05f9b70f3a3
03430d731a51f0135c19e0f0a3ebd0eb9735e582be8521eabb50c8636025ea53
034d8b0ad6be06a2b0ab91b83f2877e18239f340112417e4729689728f790b7e
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
09462845220b3bb7780eee9a9e11a3b74563b18ab5c4760e279dfedb3f0e70b8
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
098a107590aad1c9f618a55473c9044a9747ea3576db475ba4954fa22a754a90
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0a2fc84e8dedb434e4de04443303d74daed3bb479303f76f73ff8eb28ff30b18
0aadccef70dba22774bb34d89d8bb78dcf357c2876983813122b75edd60be756
0aade1454de72aaab14b0ce231e3be92dffd5fe6ff7c1d97498612a0c377edd8
0aeefeffe21d5f27ba2c05d4f65483270fcaded4bf9daf33ed11e837b6b45d1d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bf24129fdecdf539558d4dc948b494614fdf8647f43231d33d88598ee5299f9
0d32d26418f0a4cab9453fc8f9ae4350845b201ef329fe69aac4840544f9c213
0f59e30235b7ad1175409cd394a4489e3d4553474c7c2180fc93700ef5a13adc
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
129f20562669ea1f821116733d7575bd3889de52ccccc98517064605b722458e
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
143931a05844543ad39fb3df7fbfc9c8411b32fd5bfd1b00f29fe80ff3202c6c
1443775e8e8588cd0d46feb8d53643ab8d45465c2f4fb7d569ce487e627be178
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a
172295287b738828a501d8047a3f13070332a5945ac48ca228e51b50c3532c37
182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8
1831b0f5a624f145d4e73d1c77e20bf9a28507ddd45ee72ff863f9b6b811f424
183f26ea4fe2c343ae6766e1ccd356a64e75847ee95e3446da0aa2ba634f30c1
18ed9d8d422203c7a87e2e75898e778588f2c8a923164f15f78a8b9390679e4a
19a5264f856e19a2f8d9e4043a4df50a2a9db1be8c99ffa07eb8418d68bc1743
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1be4cf0c02a6b1a191f4ee5a059710295dc90697457419e218c8f89f7108dbd0
1c20718b1c0169fd62a400dad810f15e4e064ed3129356cdc8ac21c0b6c96ccd
1c9c8f224f63930e1d0216b73870ab0c2ad299e7f8dfb5d90284d04f28c363cb
1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4
2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763
2340dce2ad3d048afe7a502a27b037d87a8ed9a15975a214a4331e2c9b1a8e5e
24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1
2663514a298880242dd66949e5b2455c7e18636ed98bc8939850a8a9dded2c33
26af65c2a131a0dd532e001643e337680a5b1de04559afa4cf5d907bccf56371
27aff93119159623e908cc6e5dba2590ac1f35ff51493af0379b09fa355309f8
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
290e60f247d195c19d505e85d5577c7a65e5979661cf8ab253922b52f4973fa1
2a7f2dd0765d4a3be21d3655f8f19637e2f2e03e4d69d05963ec6dabd6df6040
2adca76cf59f205438924e01aed7f2c54a4d77215a462e01e9ef9b48cc690527
2c9ba9ce714dd4415a56e80ea126d7b1ed3e282c35a5bbcb6ba92fd9aafd2cec
2d67766033ae4583af9d7273bb6d7773b18b8714e5b0a8cc6623c70f6af2b3df
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2de1673186c399634f6f6abf9ca0922a014401cffe1ff71021e955475ab3d36a
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33588a91c0a35528645dc3f8117443e5c00c70bba1de6ac0132818e1cd6f7ef7
335e965a01427602557c0e4e0407bb012cbebab68012fb57488c62df20eaee91
3585530778bcb49e71d4a59a8afeeef2216be8665c588af9f25111465e19cd5a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15
36d3e260da6c89e8893b03fb5a516d088cb46a136c094fdc5bda05ef2d3cec6f
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37aca04722332249aff198c2e1eb824ef37451464af75f554b0177d77a799ad1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37f354767d903f5778c18c65bbaede1a266f953431a6e821803656cd516bfe62
3817de7ee89900b5db3dc77bec5e75b9d44feea7ab19e7d409092da3c09eb870
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177
3c7f38420d54fbc003df9c55442eb8d4e3fea47dbcc036f5705e26c790876f87
3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f
3e55b72a700c54fe81b508b3769ccd2a81191f0d4aaf25e9d6a52d60e09e5440
3ea558b901b3ec4da6aa20dc9d6d7a9b3c3d26f709218e1421fdf93da7566bf1
3eb840c90fa2b960a984d3b06f9d59d1b601410b83780df6e2629877dad79767
40eed9f30c5cf0d5e3e051f8bc376a13f6025f628ad9795d8177c96ccb14cfdd
41ff31cc2d4480d58bc5c85ee17c1b78392f83825250e87fb9ed40d886e374ff
42e0245a08f2408a236fda680a8567ecd03462ac148cfd73139f6faed752f91e
43a063af802fff5e9f39fe5924fd5283cb814a5e8294da045eda7367294bc541
43e97e5d45f33c232bdf7848baac24ce64370ce733ad8642a3827e629a853af5
44218166f78adbc856eeeb93787eabb29f78160232ab88ea59e45dd2bb5831ce
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
449d89ee54d8a208708e2ab03906d26ac79be0cb1c08c06dbdb826606759791b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4732c25586a397ce39e3d031693be639c13420460a55af067a618f7d4f557d0d
48b3dbb1cd2b2eec139cba588a52e3b8c5245e8c456da6d0cd6120e78a300dbb
48c2e09fd6c9a2479c5250705a3af4b13dec0c89e94152aed7fd24c59ffb77d9
494874a05c407cfb2315f6aa8fc056e62fb7d5b6d8cde0761bbbb4ad477c9fbb
4951df05a0885c3d6357037d0641e950c8272abc55f8aa7d9be23296bdc29b62
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4f0b2a20ec21fcfec02cd01107acc1e6311be5467f1c504bfe6f306edc349480
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50063c382b074e0b9fb907b397615cdc7843212f71e01e11442af7c5e1786b42
501db17c4702013db299f94dd0bb8684f382ab667d5e62f29298d7cf8655ee79
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab
521e24807293eb4e4b0763969517f0c36ee2754403187190a5f05c7f6ae279b6
528f094bea11a8ca10cc49d27b430ee844554b3cb53bba62b3b0c62cc4536a9e
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
542371cadac2900fe706a2cb72ef579531e1fd5c4035dce4da345ddaadcbe05f
5452575314e1670666677df12b99c0b0b0f86fdd6a076e1bdf374e59f36a75c1
549fdc6034c005c4d1b62bf971f89636c6032d5e386a089980f06058028a4178
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
57d59994d40bdfa1c636d5066c937f11bd7142e0a313e4cd5d7ba0834a388e0e
59e0b0f64a00b0ca5cf185408429fb5bb00bc10a6b283e40ed957a83a589baa5
5ac5344c686b86eafbf794fddb61f6ddad50ba3484e5de873619a0740edcba5b
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5cb58980d85cf281723d540bba89bab8667e9929132da9cf516b39cbf6afb4c1
5d1be642ce02df3eed902b78843e8a99f383bcccddbf4e0b097672d2c018a145
5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4
5f4db5659caa6188fbf8fa4d789652351c6b4e115aceed4d97b560e918c53fb3
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
6108764c2e0f2747071b02f29101bdde87684d1a6e3504e6e709ef486e3f78c4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
65602b8680011ec2739ae3864b24aabf917677acdcb3425c89f86700a07b0823
657e3c139305dcb5aefd70b23ffb1c3d220e6958056631353ef74232b257a081
668e63028ea3fcd991fdc6ba68efe5684dcd3762cdcf355ee8f502ee75f8318a
6725f37b7e0989851d8c7f342db0bce8e208703d97c772a408dcd61ae3b822c9
68ef1714f189b5c28ac522075e5da29bd2f6c71da73988a6b3fe317baae30b5b
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6da5dd3b777c8f89f95d3a55c05e7aa16894cb81bf34be13becf45494effbe9c
6fb45af203288313f50cecb966712a184c35df4ef86785230c38d8c3eee731d7
73cb733aad8948c06e0825fe9456eb162f7af568f7ec1b62dbddd161c3051243
73d8cc4215a9a87d7b90f035aaecf76ec15b588fbf3e3a4c0a41c823ebb9549c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
764cb0379bb5cba7cbb9c93f087311ad085eba193b7f7c87e830bc36ff93cd16
77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980
77cd5b400b171e38d18c72be8020c15fe977ef4c59e73b1fa797d45dfc8fa8ee
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
794f815439957a99ba5c28299d021fcc1b062b687ab8306ece58727baa2f147c
7b1a69ec03a22130641a6565cdf14b66d4c650884663e55f16643ed1d70999dc
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81c61a6decf92624f849e555b8d2c56b3a1e0d51bfa10ac3e9ba8fb55e51ca12
82fe70f6eb609ff3229a235f4069099d1d780d24a5eea57f4db1936236cc3c73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834fe824bfe409424e61fedda2b4f6949b24c69b0827d5f6ea95ba546b2fa76f
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8427bc5f38727831b33ee14188e5b1d4a95185b5c0eeae85d4fcc77c5ec3dc29
844fb94df8dee91050d00920e08c35e5be113b513f488474ac08f5882bd4f8bf
8475d35545e912302704e862b7dbec5fceb6da0c085b7646eaf96b7e24902d00
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85f1f34b7fe22a62a28d7c34f1cef71f3206e9b60009a439843e40918b141383
86edd1bd7bd5f3251da12cd3c5b391deb666745d36daf364bfaf0a5aa5d59bc5
87d755b138348dd7ea605508ca84ff61cd8c74277492febe6649ed38da32da72
897727e6dcdbc2eaa7547078b9ab387ce0c4d5d1bdaa3f42982133adbbbc4e2b
8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c
8c437f676063e9ab67a382ebb571f0c348ff9e91d6528a15813d8905b5ff3c25
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
8fa66162f2b74aaf28143e8bb208bd2d6a0ac382bdf6673bfd1060a55c3a827d
925dc37d53806eb1b265cad0eada8d5bcd6413b1c2928c892fc34d9837e4113c
9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933
94cfaac981ccf7963e55f283105d631a56210fe50af228fcffc63a5db2143114
951b770da916642daf6f0b6f0591cc13591a2ef2c46a2a2e3a5fd6b992ab1408
95344dfde60f4020ff7047369f479d442e47843d1e4933598409d2a09d57b04e
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
975cdf350c825d777e8e06f8230e667076f1beb5101b2e29feeafc86f5512fe1
977b9fcc428d7679f6331d532930753d56bfd69a4b9ff5e3131ee313f61f284c
9804a116d9296fc71f2b777a40be50de55f5a164fa64934e272b8093f3b7ef48
98f3d3dbfcfc54be62df959f1318109331e8cc1f1bff5e9a68eec73e0241b650
99548a0440cc7ce83f1c97e7ad047ef6b8199e21c57f350ad846fadf8547cd79
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
99b1c817a97ae65b52a5a6fc46c4d0321e963efd13ec649d5ed79e5365dc31b0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ac58b9f097c595de382b6fd0c1bf9e245ae88e0d336e312f1b4e9ac4463e4ea
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9c4c935ecfc59904ac85c8316d4234cbb505e9ae3226b99836d1efeb20382e61
9d67650db69f861c453a04c39d1efbca8ffd74998c05694066eed3a205791412
9e150724e787fc57db27606b4a4eedf0947739a1c80c2157340cf28716e753f3
9f6a73925080491e2ef18dd078e6485b9e6b10e6ee2da5e8f8325939e940f616
9fac464390e18ca0607ef7cd4b61e50db333d16c274b5c9df9b045d285ab6df9
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a0537c11b003a1decb75be22d0d6cc543c48e9c88466b4e35b06b5eaece163e5
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b9d144338ed4ee9b0f0333b037b7dbadda35472e25558b49cebdcabd15b016
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a43843bf3b49976f0bce77be85e5a753acf6a2035ca44305a516250e08491589
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57751e242520c40d035ab7cb08eae82135f1416ccae8f02e19cc74af1b55fc8
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a8ad803f7ba4e78ac76c298f68e69d88ae2ed4d389f9bd6082aaa63e3948828f
aad75ee023ab7b0c9cac9a7049815dd801a93abb524c332e470e7d5b7a8f2d30
ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a
aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a
aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26bbc0b1784322ee18f51bfebab8d20823c77eeb37d50ac9eecf804dc7146ac
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b4139a4dd4b9334e7c3bb6beb9be0ddb893d665373cec1b8893f0d1f378c1e17
b75b938326ba99ef43c51f37a07b18c8c6b5699594cf87f3e770901481f5dbe9
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b8e8734d09cbff47f0afe26e91200cd19071e79647f718cd7b5c2ba16a13ebf7
b9b392e587ae017404e8c563131cf72e306fe94c2e1ad9cd077dc43e4c1bc84c
bbfc57fdf4af6e2c905fe39ea32c6e62a8fed1fbcb06b44b509522abd3ead5d8
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc92db10eb34954ec128d6db4e88bced94f3579131eddc361bfd60b329619769
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
c52010cca25751623a2c5a31a634411c1e8aef71dd342b7cc070ec8a9bea04ba
c5e958821690fe722860107ef48759a5dbceed821d061a488d220dfe6c0ee8a6
c8f14842bf6b55eed43d7188fc849f03f6bd0a2c2285587b4fc3ed9c3671b2bc
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
ca2d24715af7a9c89c73895b3ed0f3f74fba8d7a41bc24c2b74f49b57c984445
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cd0473ec45841b4eb836d234a511bf567db56e977dabba1771a5e43273d931b6
cd0fdc1ce17de8870ab1025bdd0751ad0d4632bf7dddb4f09618587e6d1890b4
ce11d1dfc55e242dd2bbcf9fa94c5d809f050282ac7c62bb9f34126cf1f5b0e1
ce645f5d54866ed5cf909b236e041b7e9326b7cdb71e8e507fe5fa79172c5ddf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc07da9f01386f868f0b0baa0339bfcdcd1432fe97428b5285767cc93f932d4
d0c4ff54d38cb90bf6dcac11026f1b1def127cc4407f9d0b6d9d33d46387469a
d217301d1beca280818807958c12328fb84bdbb1bc7c23702276124c00a4bd9e
d48b0a2ab9c3acf2723de7777155c2b5a7e085194680eb43fc4fb2a708b847c0
d4bc81be1c520b6abe69a2cfefff36368e2aee55e84ab17ce69affe094887d0e
d4e5fe53032a0e9d1ffd9ca9e568a5816d0cd8015669dd8531c41496fd8c0cfb
d71cd26a8d15e08c1bbf30862aea8c3f7b66db1ec5ca08c67d7ff1e03b4ad4eb
d7be058f71a8b8d84eb383dfb754b4091a952f6a459f469229a952b5418fe313
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
d9fe28e320247a285d58abc319a07d0aa1dd06cc410ca6d0a7e5772c0557e348
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dbb5e16606785dc1b8fce16626f44890556c33bc9999b7e9550f75b22a1fd190
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5be5e24c2d64db9fdd8a0f48e6d9ce6f792bf62e4e2baaf8e8449acc7c367a
deda314c90a4d526810b243c21f4ffead204494dd210f555c6e0fdc4a079fa50
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e23a6776aa183e28089211911a9921af2d71eff25b3bb156c108eeaddbcbcad9
e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca4ba239ed2d8c05925a84d13a62b52aa0abecccede81e4db5d583ba4d3539
e405c0d0ab8c71073b5d5f4bac965a420738c11b580602dd5bb76fcd7ca41c7a
e88d5f263945d9341d3180cdab77d99915a1ab21962fabc4312f9ed09a1a0448
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e95fbb0a5967013557fc1db34db368da5d2a84bed0bbad09fcaaf9dd9189385d
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
eba233c164f038c5c6065889f84c84fd193325dd13b6fc734fe30ef4f34a8081
ec8de55b279f65ad4d49aff05ca8b9499ec486a16c87f9be7c43d978bbc465a0
eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb07fe7d68c976671a250c72a221417754b6fc8cd90a2451a8055e9a65d1a1d
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f19e5a983188eb634fbb84acd91f52675dd2bae3317fd395f3ddf3254ae83803
f1c7fdb6522522eef3c947243ffca58854dfbca9987adb0f49696a4a51cfd3a7
f264c3506d22e3fc59a947d981079993955d3b85fe7e8bdefd8479865a4f92d3
f34b1c3ca2a3826fc27d409d731ec5f600272e654e813910a7f9d338548e7242
f3c2cd094ac4567cde5c7bf7c3737e35cdf1278e0f30ff78f965d32445942ca3
f3dbb6ddd897b84a87307c9b7fc0f01c41ca7263024fc015e5acf42c79809c4c
f3f3de2037a89941103028bff687e9e09bfc895d949a867d57e455e0ba37bc35
f443c5b39c353b9b95a5ea400fd34e85afb5c525ff6cf76ca58a43ea911cf533
f9b9e6446d7f175e8589db2fa6d8b787cbfd392331d58b7ec88f32a89c97f75d
fbc1f50fa442fc620280705f3c7e9427935ca8cc477dcc85641afbe175421800
fc8ca38053185a62da400a7d81fca39035b7f35202a2b571f1498d553c1b8d98
fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.thestar.com Open in urlscan Pro 143.204.98.39 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

351 Requests

96 %HTTPS

38 %IPv6

60 Domains

97 Subdomains

83 IPs

9 Countries

5901 kBTransfer

19058 kBSize

80 Cookies

17 Outgoing links

Page URL History

Redirected requests

351 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
143.204.98.39 Public Scan

Screenshot
Live screenshot

Full Image

351
Requests

96 %
HTTPS

38 %
IPv6

60
Domains

97
Subdomains

83
IPs

9
Countries

5901 kB
Transfer

19058 kB
Size

80
Cookies

351 HTTP transactions
2 data transactions