www.thestar.com Open in urlscan Pro
143.204.98.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On February 14 via api (February 14th 2022, 12:13:03 pm UTC) from IT — Scanned from IT

Summary HTTP 329 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 81 IPs in 9 countries across 59 domains to perform 329 HTTP transactions. The main IP is 143.204.98.71, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 49527.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 20th 2021. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 55	143.204.98.71 143.204.98.71	16509 (AMAZON-02) (AMAZON-02)
3	18.64.115.117 18.64.115.117	16509 (AMAZON-02) (AMAZON-02)
9	18.66.248.123 18.66.248.123	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:451	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2.21.143.57 2.21.143.57	16625 (AKAMAI-AS) (AKAMAI-AS)
12	18.66.248.94 18.66.248.94	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	50.16.19.147 50.16.19.147	14618 (AMAZON-AES) (AMAZON-AES)
1	158.101.192.149 158.101.192.149	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	108.157.4.44 108.157.4.44	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1	18.66.107.43 18.66.107.43	16509 (AMAZON-02) (AMAZON-02)
1	34.252.133.182 34.252.133.182	16509 (AMAZON-02) (AMAZON-02)
7	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:224... 2600:9000:224a:5c00:b:bed1:3e80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	18.66.248.66 18.66.248.66	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	108.157.4.15 108.157.4.15	16509 (AMAZON-02) (AMAZON-02)
1	18.66.242.12 18.66.242.12	16509 (AMAZON-02) (AMAZON-02)
1	18.66.242.164 18.66.242.164	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
4	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
3	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	52.139.4.139 52.139.4.139	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	34.241.151.12 34.241.151.12	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:fb:... 2a02:26f0:fb::5f64:996a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.210.75.127 52.210.75.127	16509 (AMAZON-02) (AMAZON-02)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	54.154.165.122 54.154.165.122	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.245.59 18.66.245.59	16509 (AMAZON-02) (AMAZON-02)
17	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c01::9b	15169 (GOOGLE) (GOOGLE)
2	65.9.78.92 65.9.78.92	16509 (AMAZON-02) (AMAZON-02)
4	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
6	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
4	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	23.0.33.234 23.0.33.234	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.237.17.91 54.237.17.91	14618 (AMAZON-AES) (AMAZON-AES)
9	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9969	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:fb:... 2a02:26f0:fb:5ad::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1 3	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 7	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	54.194.29.203 54.194.29.203	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c25a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
3	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	40.91.78.9 40.91.78.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a02:26f0:fb:... 2a02:26f0:fb::5f64:9951	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	37.157.2.234 37.157.2.234	() ()
329	81

55 143.204.98.71 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.64.115.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-115-117.txl50.r.cloudfront.net

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.248.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-123.dus51.r.cloudfront.net

e377.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:451 (United States)

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.143.57 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-143-57.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.248.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-94.dus51.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.16.19.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-19-147.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.101.192.149 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.157.4.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-44.dus51.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-43.fra56.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.133.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (None, )

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:224a:5c00:b:bed1:3e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

beijijngmedals.thecanadianpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.248.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-66.dus51.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.15 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-12.dus51.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-164.dus51.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.139.4.139 (Toronto, Canada)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

data.ontario.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.151.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-151-12.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:fb::5f64:996a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7aaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.75.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-75-127.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.165.122 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-165-122.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.245.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-245-59.dus51.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.78.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-78-92.ams1.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

torontostar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.17.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-17-91.compute-1.amazonaws.com

vguamh182d.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:fb::5f64:9969 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fd2a5b2262cba309acfae38228949d11.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:5ad::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.21.141.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.29.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-29-203.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c25a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.91.78.9 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:fb::5f64:9951 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
92	thestar.com 3 redirects www.thestar.com — Cisco Umbrella Rank: 49527 e377.thestar.com — Cisco Umbrella Rank: 188094 images.thestar.com — Cisco Umbrella Rank: 74311 resources.thestar.com — Cisco Umbrella Rank: 152667 misc.thestar.com — Cisco Umbrella Rank: 546329 s.thestar.com — Cisco Umbrella Rank: 187767 api.thestar.com — Cisco Umbrella Rank: 206968	2 MB
24	sportradar.com widgets.media.sportradar.com — Cisco Umbrella Rank: 108649 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 292767 img.sportradar.com — Cisco Umbrella Rank: 112776	685 KB
18	googlesyndication.com fd2a5b2262cba309acfae38228949d11.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	238 KB
18	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 9099 query.petametrics.com — Cisco Umbrella Rank: 9950	67 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 346	331 KB
15	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 245338 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 ad.doubleclick.net — Cisco Umbrella Rank: 167 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	186 KB
10	thecanadianpress.com beijijngmedals.thecanadianpress.com — Cisco Umbrella Rank: 179098	318 KB
8	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	moatads.com sejs.moatads.com — Cisco Umbrella Rank: 4368 mb.moatads.com — Cisco Umbrella Rank: 567 z.moatads.com — Cisco Umbrella Rank: 330 px.moatads.com — Cisco Umbrella Rank: 390	145 KB
6	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654	752 B
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 32314	26 KB
6	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 350	5 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4387	110 KB
6	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 49806 elb.the-ozone-project.com — Cisco Umbrella Rank: 9924	326 KB
5	clarity.ms 1 redirects e.clarity.ms — Cisco Umbrella Rank: 2000 c.clarity.ms — Cisco Umbrella Rank: 693	24 KB
5	permutive.com api.permutive.com — Cisco Umbrella Rank: 1845	825 B
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	218 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 331 c.bing.com — Cisco Umbrella Rank: 212	13 KB
4	pinterest.it www.pinterest.it — Cisco Umbrella Rank: 104205	15 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 436	4 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 263	40 KB
4	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 591 analytics.twitter.com — Cisco Umbrella Rank: 468	1 KB
3	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 810 www.pinterest.com — Cisco Umbrella Rank: 1008	2 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 802	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 187 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 186930	5 KB
3	ontario.ca data.ontario.ca — Cisco Umbrella Rank: 471336	89 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 129	2 KB
3	t.co t.co — Cisco Umbrella Rank: 456	540 B
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 667	19 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	424 B
2	google.it adservice.google.it — Cisco Umbrella Rank: 43233 www.google.it — Cisco Umbrella Rank: 19885	1 KB
2	amazonaws.com vguamh182d.execute-api.us-east-1.amazonaws.com	17 KB
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 427 as-sec.casalemedia.com — Cisco Umbrella Rank: 1146	801 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2498 p1.parsely.com — Cisco Umbrella Rank: 1996	26 KB
2	gstatic.com fonts.gstatic.com	72 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
2	districtm.io hb.districtm.io — Cisco Umbrella Rank: 70016 dmx.districtm.io — Cisco Umbrella Rank: 1164	345 B
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 218173	2 KB
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	11 KB
1	adform.net cm.adform.net	106 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1467	125 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1387	8 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	openx.net torontostar-d.openx.net — Cisco Umbrella Rank: 265956	438 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 739	328 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	544 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 881	517 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	27 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 618	39 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 57230	789 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 228246	486 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 177569	440 B
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 171886	139 KB
0	lijit.com Failed ap.lijit.com Failed
329	59

	Domain	Requested by
55	www.thestar.com	3 redirects www.thestar.com
17	query.petametrics.com	www.thestar.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
12	images.thestar.com	www.thestar.com
11	tpc.googlesyndication.com	www.thestar.com securepubads.g.doubleclick.net tpc.googlesyndication.com
10	beijijngmedals.thecanadianpress.com	www.thestar.com beijijngmedals.thecanadianpress.com
9	uswidgets.fn.sportradar.com	widgets.media.sportradar.com
9	e377.thestar.com	www.thestar.com e377.thestar.com
8	img.sportradar.com
8	resources.thestar.com	www.thestar.com resources.thestar.com
7	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
6	pagead2.googlesyndication.com	www.thestar.com securepubads.g.doubleclick.net ad.doubleclick.net tpc.googlesyndication.com
6	www.google.com	3 redirects www.thestar.com tpc.googlesyndication.com
6	c2shb.ssp.yahoo.com	js-sec.indexww.com
6	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.thestar.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
5	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
4	www.pinterest.it	s.pinimg.com www.thestar.com
4	px.moatads.com	www.thestar.com
4	googleads.g.doubleclick.net	www.thestar.com www.googleadservices.com
4	fastlane.rubiconproject.com	js-sec.indexww.com
4	secure.adnxs.com	js-sec.indexww.com
4	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
4	misc.thestar.com	www.thestar.com misc.thestar.com
3	e.clarity.ms	bat.bing.com e.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com
3	unpkg.com	2 redirects www.thestar.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	data.ontario.ca	misc.thestar.com
3	analytics.twitter.com	platform.twitter.com static.ads-twitter.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
3	t.co	www.thestar.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	c.clarity.ms	1 redirects
2	px.ads.linkedin.com	2 redirects
2	ct.pinterest.com	s.pinimg.com www.thestar.com
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.facebook.com	www.thestar.com
2	adservice.google.com	securepubads.g.doubleclick.net 10230056.fls.doubleclick.net
2	vguamh182d.execute-api.us-east-1.amazonaws.com	beijijngmedals.thecanadianpress.com
2	api.thestar.com	www.thestar.com
2	fonts.gstatic.com	fonts.googleapis.com
2	s.thestar.com	resources.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	fonts.googleapis.com	misc.thestar.com client
2	connect.facebook.net	www.thestar.com connect.facebook.net
2	z.moatads.com	sejs.moatads.com www.thestar.com
2	ib.adnxs.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app js-sec.indexww.com
2	torstar.blueconic.net	e377.thestar.com
2	static.ads-twitter.com	www.thestar.com
1	cm.adform.net
1	c.bing.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	googleads4.g.doubleclick.net	ad.doubleclick.net
1	alb.reddit.com
1	ad.doubleclick.net	www.thestar.com
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	www.pinterest.com	1 redirects
1	www.google.it	www.thestar.com
1	www.googleadservices.com	www.googletagmanager.com
1	fd2a5b2262cba309acfae38228949d11.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adservice.google.it	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	js-sec.indexww.com
1	dmx.districtm.io	js-sec.indexww.com
1	torontostar-d.openx.net	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	p1.parsely.com	www.thestar.com
1	api.rlcdn.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	www.googletagservices.com	www.thestar.com
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	hb.districtm.io	www.thestar.com
1	js-sec.indexww.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	mb.moatads.com	sejs.moatads.com
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	torstar.gscontxt.net	www.thestar.com
1	platform.twitter.com	1 redirects
1	sejs.moatads.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
0	ap.lijit.com Failed
329	94

This site contains links to these domains. Also see Links.

Domain
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2021-09-20` - `2022-10-19`	a year	crt.sh
*.the-ozone-project.com Amazon	`2021-12-23` - `2023-01-20`	a year	crt.sh
bc.thespec.com Amazon	`2022-01-26` - `2023-02-24`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.blueconic.net Amazon	`2021-08-07` - `2022-09-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-08` - `2022-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.prmutv.co R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
api.permutive.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2021-02-15` - `2022-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2021-06-02` - `2022-06-01`	a year	crt.sh
*.thecanadianpress.com Amazon	`2021-07-30` - `2022-08-28`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-23` - `2022-02-21`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn-stackpath.petametrics.com R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
data.ontario.ca Entrust Certification Authority - L1K	`2021-10-01` - `2022-10-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
widgets.media.sportradar.com R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-20` - `2022-08-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.liftigniter.com R3	`2022-01-26` - `2022-04-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2021-11-16` - `2022-12-18`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon	`2021-07-22` - `2022-08-20`	a year	crt.sh
fn.sportradar.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.ozpr.net Amazon	`2021-06-07` - `2022-07-06`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
img.sportradar.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: 30FCB1E0ABC1AE5129B4AFFEB14D208A
Requests: 251 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: E7E479A04B0ECD911B73CC5B89CC34C0
Requests: 1 HTTP requests in this frame

Frame: https://beijijngmedals.thecanadianpress.com/
Frame ID: DC604F8899FDBAF33D7BA8A7BA6E5730
Requests: 12 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Frame ID: A14DC851605362E83F167987C042BF4C
Requests: 9 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 6F492001651F6054F9BFAF539BCC29BD
Requests: 1 HTTP requests in this frame

Frame: https://fd2a5b2262cba309acfae38228949d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7C2AD120F7764D33A5346A7B62C2742E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 1B6C37B4572B48B24F1B6B82E8AE898F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 14A6A72FC0E6B1DABD62E39301CB9917
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 9685071850FBF2EF4BF9C2912D82F616
Requests: 12 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: 60C64C824B644FDE784B9F2980BA04FA
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 62E17C6C96FBB3224805D78E0761A545
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.it/ct.html
Frame ID: F4C3A37E195E2842C8DBAD8F39C8C758
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 35F2A20A9F7195BFAE6A0C14FBF12252
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D40BD669AA433D8DA6BC8803E01FC844
Requests: 2 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fcf74337-968c-497d-a870-7ed49c84ca3d&publisherId=TKN100000001&siteId=4204204311&cb=1644840779301&bidder=ozone
Frame ID: 7C7852B94876BBA5036002E244644ED1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

thestar.com | The Star | Canada's largest daily

Page URL History Show full URLs

http://www.thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

329
Requests

95 %
HTTPS

36 %
IPv6

59
Domains

94
Subdomains

81
IPs

9
Countries

5800 kB
Transfer

18868 kB
Size

80
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 92

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.4 HTTP 302
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Request Chain 95

https://cm.everesttech.net/cm/dd?d_uuid=47269294736822312842491903800621531178 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAKeNXQO1

Request Chain 99

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1644840775053&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840775053&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=

Request Chain 190

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 258

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 259

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 260

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 261

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 275

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.it/ct.html

Request Chain 289

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1644840779150%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK0BB0bP1hWCQAAAX74Jng0lex_-Uv1zvbmgUlcPx5N22yxyrUAhtPxdXy_vUdzoydZUg

Request Chain 301

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=053A98BFEC744D949172099082A618F8&RedC=c.clarity.ms&MXFR=18BE4C2FBB18631D3EB45D64BF186D5F HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=053A98BFEC744D949172099082A618F8&MUID=19A88A69BFCC69543F1A9B22BE3D6877

329 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://www.thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

407 KB
76 KB

51ms
50ms

Document
text/html

143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

129f20562669ea1f821116733d7575bd3889de52ccccc98517064605b722458e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Mon, 14 Feb 2022 12:11:57 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://amp.thestar.com
x-powered-by: Express
etag: W/"65c25-rVokLtCxYnN9q3JAZ9Wt8zUnO3M"
cache-control: max-age=180
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 1TWZaZZCPvVAVtul1rmnHKoo1GEWMXwIcsxVsRYCDHSXcF_j7uscFg==
age: 54

Redirect headers

content-length: 0
location: https://www.thestar.com/?redirect=true
server: CloudFront
date: Mon, 14 Feb 2022 12:12:51 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: _2bw3p5zHVtaPJUnDXe5Fc6l7E5Bt7DYOKiqunDEy_RK-F5oY7u1yg==

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 98ms
97ms Font
font/ttf 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:37:14 GMT
content-encoding: gzip
age: 2137
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"6028-17eda5f9808"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dpArVkv5Rqn6gxoCAJdo5oUHdMkv-s5ipT_hnZwKOdzinHI4vlEYyw==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 52ms
50ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:06:08 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 7603
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"478c-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 4MUNmlm8X4mna8HmHw6dJHKSxeBPRtAnE470rN56vc71ar7S4GfUiA==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 93ms
90ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:54:58 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4764-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: rCPNgqep0S_l1i2J6suCIvsX10_mgperJ2rYaIG7RyTNSmjC4cAAIw==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 96ms
93ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:54:58 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4a6c-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: KyyuVgabFUyGkEXhrUxGvaJyS_YF5ZbKZ2QImWRfPiuHatDumj8H0A==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 47ms
44ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:54:58 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"4930-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: _xOj9W8K5uo6Jt9P2ed7N0zkEMPCUtdxHsfNo-B_zT-TTcsgU_tnlQ==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 69ms
67ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 08:28:22 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 14217
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d6f8-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 1wUp1s9HQolTj4fBBjuq8k3l7vcIF2CIF2TAo62y8NlJCc4Le7vh6Q==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 98ms
96ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:54:58 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 4673
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d1a0-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 9cGLxRXB5LioH4Rws5gOqsC970vU3GrOkQ_ctsUcUN7bD5qc2r-JDQ==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 55ms
53ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:44:49 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 1682
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"dc3c-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: TSE6jx2u8y_URBaFfnRKht7WcKTW-hsa2zBGN7Lo8XAvIJIx4ScEfA==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 81ms
80ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:46:09 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 5202
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d610-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: GAdSval4psDB5AA_8NOdeeHRYFulPLL8Q06ZKXxjmsWOkTNgz-5asw==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 106ms
105ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:43:48 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 1743
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"d420-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: xV2Nlk0j5fRMr_uDqbkUYm105Po6O9TIrHWnMZRlwwwqjNPwGM5IWg==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 3 KB
3 KB 146ms
37ms Script
application/javascript 18.64.115.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-117.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cfc07da9f01386f868f0b0baa0339bfcdcd1432fe97428b5285767cc93f932d4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 17:40:44 GMT
via: 1.1 f67cb1e6517f8abcedeb3b0734a257bc.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:38:01 GMT
server: AmazonS3
age: 66854
etag: "b1f6929a77910bdc7794068149f9654f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
content-length: 3016
x-amz-cf-id: P6Xu1L20gixYktwhhNxZ2LiJmhkUTLAxZEreHNYG8UfWJHtAOSyXDQ==

GET
H2 200 script.js Show response
e377.thestar.com/ 138 KB
41 KB 113ms
35ms Script
text/javascript 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

764cb0379bb5cba7cbb9c93f087311ad085eba193b7f7c87e830bc36ff93cd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 17
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41116
x-xss-protection: 1; mode=block
last-modified: Sun, 13 Feb 2022 12:38:20 GMT
server: -
etag: 9aa681b056b6ae2d1fa7a158cc77ef84
content-type: text/javascript; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: RMMMV3-c3rQJ1ofMJUZpvICH71wI9Mq2nLDsUdCj9yCb203BGGcmyw==
expires: Mon, 14 Feb 2022 12:22:34 GMT

GET
H2 200 71.css
www.thestar.com/static/ 8 KB
3 KB 94ms
93ms Stylesheet
text/css 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

94cfaac981ccf7963e55f283105d631a56210fe50af228fcffc63a5db2143114

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:56:14 GMT
content-encoding: gzip
age: 62197
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"205b-17eda642418"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0ChFXuFlAEzADekSM7toiz_Rk8bcqU5a1E_7i9BysaDNXC600YxgUA==

GET
H2 200 bundle.css
www.thestar.com/static/ 434 KB
56 KB 94ms
93ms Stylesheet
text/css 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=30223624a80ae0acc4e0

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

1c20718b1c0169fd62a400dad810f15e4e064ed3129356cdc8ac21c0b6c96ccd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:56:14 GMT
content-encoding: gzip
age: 62197
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"6c991-17eda642418"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: bNvfNGcY3g7p7rJ89t6GPDG6MxnNAoo5FPy51kxtcfQ5843XJmo9XA==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 478 KB
139 KB 108ms
55ms Script
application/javascript 2606:4700::6812:451
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:451 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549fdc6034c005c4d1b62bf971f89636c6032d5e386a089980f06058028a4178

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 1124
x-guploader-uploadid: ADPycdv5caiD4Bll0OXsgwviNdkvTdLkENVE9hgoulqIwUl6WT33WDZUUUYDFI1suI0XJh7h63sB1M78aJRpiC6Smg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Mon, 07 Feb 2022 18:46:53 GMT
server: cloudflare
etag: W/"f0c60d993341c7c771224dee6a80f92b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=agsjcw==, md5=8MYNmTNBx8dxIk3uaoD5Kw==
x-goog-generation: 1644259613262659
cache-control: public, max-age=900
x-goog-stored-content-length: 146548
cf-ray: 6dd63506bed75a19-MXP
expires: Mon, 14 Feb 2022 12:27:51 GMT

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/torontoprebidheader623296055317/ 247 KB
86 KB 125ms
48ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 668e63028ea3fcd991fdc6ba68efe5684dcd3762cdcf355ee8f502ee75f8318a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:51 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: 8V4BBEX3MQ7AQBMP
ETag: "521bfcbd7c2e1d437f33711131ef9759"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=35311
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 31aoAems2kzDP6+J0m4A0VLCLISLASmuDZEOdHMJSn5OZanLheHi45c0Rm7p8t9mwaI6asxBohM=

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
468 B 91ms
90ms Script
application/javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:19:30 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 10401
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"16-17eda5f9bf0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: uBt4lnksinNTfiJWc5nvow7Mzkm38_wZPgdMbQGrzPlfUbViqH-jMw==

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 40ms
39ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:55:37 GMT
content-encoding: gzip
age: 4634
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"1df3-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gldvIzPSvzaBrOeHsmigllnisHpIMR9soC2VaJkRjCRGP3OSiUu1qQ==

GET
H2 200 loading-spinner.svg
www.thestar.com/assets/img/ 3 KB
965 B 41ms
41ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/loading-spinner.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:15 GMT
content-encoding: gzip
age: 4596
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"d54-17eda5f9808"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: gLw8l3dscQA28m-R_bSujOw9EEvwRNSQjfhxxAdM3XWAJFGxbjGO8Q==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 52ms
52ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:15 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 4597
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"24d-17eda5f9bf0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: _iKBssM1ZdrTG4tq7wsNYNy4M6SWdN5H7kPbCPB5y71NbJms9sYncA==

GET
H2 200 logo-thestar.svg
www.thestar.com/assets/svg/ 2 KB
1 KB 86ms
81ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:15 GMT
content-encoding: gzip
age: 4597
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"73e-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3kI6Ufci60fHMTbhHzMK8LvJ38y6bW6jFlj_Ap_-GKDjkidbuvuUhw==

GET
H2 200 Micallef_Shawn_logo2015.JPG
images.thestar.com/Ec-JCzPee8njjGORajU4_RaL1J4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 123ms
30ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Ec-JCzPee8njjGORajU4_RaL1J4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Micallef_Shawn_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2de1673186c399634f6f6abf9ca0922a014401cffe1ff71021e955475ab3d36a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 13:02:51 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 11142601
etag: "ad8cee3e125cf0dde446ab8c3f5f3bd61bfc2b65"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 2809
x-amz-cf-id: Tz7LrqbKk9n-7A_WPaIHygFq7yX11mbS2pjFZdBz7XikMC2k3NvVCQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DiManno_Rosie_logo2015.JPG
images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 121ms
28ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/x2cEM_MObMppPWahZfcIF-jFgOU=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/DiManno_Rosie_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 08:47:35 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 2258717
etag: "4e821b61fc91fae540b114d909a38e3e1f364024"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 2989
x-amz-cf-id: QrSWRY-D6GX7e14VRN1JxtGeHlJeO0HoExCrbIF_H0ish4Dgr6iHRw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hebert_Chantal_logo2016W.jpg
images.thestar.com/zcriBH5GetcognR9ZhuQd39SFW4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 122ms
29ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zcriBH5GetcognR9ZhuQd39SFW4=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Hebert_Chantal_logo2016W.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f1c7fdb6522522eef3c947243ffca58854dfbca9987adb0f49696a4a51cfd3a7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 20:18:52 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 2044439
etag: "681869e137181289e268ede0253e6a195f3049fb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 3071
x-amz-cf-id: nmqJfGfRbN40uL6BJ9AlOcfP8WQBn8Ox3U0jE7MS-xVbKs4jwrw__A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 beijing-2022-badge-01.svg
www.thestar.com/content/dam/thestar/static_images/sports/ 8 KB
9 KB 223ms
218ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/content/dam/thestar/static_images/sports/beijing-2022-badge-01.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 () OpenSSL/1.0.2k-fips Communique/4.3.3 /

Resource Hash

c8f14842bf6b55eed43d7188fc849f03f6bd0a2c2285587b4fc3ed9c3671b2bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 31 Jan 2022 20:39:32 GMT
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips Communique/4.3.3
age: 1179200
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
content-disposition: attachment; filename="beijing-2022-badge-01.svg"
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 8534
x-amz-cf-id: GBbnsyGda0qQpRkTQJbXs5iKB6dB7P5laJyfCGilt5OpBBeVjOBtpg==
expires: Mon, 14 Feb 2022 12:27:52 GMT

GET
H2 200 brandmark-thestar.svg
www.thestar.com/assets/svg/ 263 B
704 B 85ms
80ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/brandmark-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:24:51 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 2881
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 263
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"107-17eda5f9bf0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: OFfYxBLbLqQ-rpsjIv6fnYIl5DKu5Dl-pt_bblv7YyMOD6MnRcO7Uw==

GET
H2 200 app-store.svg
www.thestar.com/assets/svg/ 8 KB
4 KB 85ms
81ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/app-store.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:41:19 GMT
content-encoding: gzip
age: 5493
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"1e63-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: M1-u4HmnSP1RxNXMwOZHap0xaBHtAsjHPFAxjKgXj0CkGBMhS6X4jQ==

GET
H2 200 google-play.svg
www.thestar.com/assets/svg/ 10 KB
5 KB 85ms
81ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/google-play.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:37 GMT
content-encoding: gzip
age: 4575
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:26:46 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"2859-17eda5f9bf0"
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dDqIpw2iAzjPXOwr4csmjBiNEkk6EF6iSVgBhR-gtytPCSvEpGkshg==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

152ms
24ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 01:07:27 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000171-IAD, cache-fra19155-FRA

Redirect headers

x-tw-cdn: VZ
Date: Mon, 14 Feb 2022 12:12:51 GMT
Server: ECS (mil/6CE9)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Server-Timing: "x-cache;desc= ,x-tw-cdn;desc=",edge;dur=1
Content-Length: 0

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
566 KB 36ms
33ms Script
application/javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

deda314c90a4d526810b243c21f4ffead204494dd210f555c6e0fdc4a079fa50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:39 GMT
content-encoding: gzip
age: 133
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"202f5e-17eda642418"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: n5CwEe4lMBC8kDOtm1O2sXtEaOCVjj0Vi_3fXeeGjylqIfNxBZ43gQ==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
238 KB 36ms
32ms Script
application/javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=e4224147

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

1831b0f5a624f145d4e73d1c77e20bf9a28507ddd45ee72ff863f9b6b811f424

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:39 GMT
content-encoding: gzip
age: 133
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"133a27-17eda642418"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 9zzDvA_K8llmJ2UKAxdjIPjaIX3id7Dob3eATrevi8Yf1QGIxRghPw==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 302 KB
302 KB 49ms
45ms Script
application/javascript 18.64.115.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-117.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37aca04722332249aff198c2e1eb824ef37451464af75f554b0177d77a799ad1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:48:01 GMT
via: 1.1 f67cb1e6517f8abcedeb3b0734a257bc.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 02:00:19 GMT
server: AmazonS3
age: 27596
etag: "f37276593b9dd6b7b58269863ae2d9e4"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
content-length: 308871
x-amz-cf-id: zRcUadVJxLwa4T6EpaO0YkP_vbroWNMilRTBxR78FFRVeQde4ZoBMg==

GET
H2 200 ozp_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/thestar/ 4 KB
5 KB 171ms
168ms Script
application/javascript 18.64.115.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/thestar/ozp_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.115.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-115-117.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18ed9d8d422203c7a87e2e75898e778588f2c8a923164f15f78a8b9390679e4a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:48:02 GMT
via: 1.1 f67cb1e6517f8abcedeb3b0734a257bc.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 18:36:20 GMT
server: AmazonS3
age: 27385
etag: "982a4b6796b706473d315badc5c6d5e8"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL50-P4
accept-ranges: bytes
content-length: 4521
x-amz-cf-id: 39_pxfnQvyKpQVTB76rJdmdPyTbJD4zVcBG04CmejcqVX8AmdtqFWA==

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 16 B
700 B 387ms
150ms Script
text/javascript 50.16.19.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json714

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.19.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-19-147.compute-1.amazonaws.com

Software

- /

Resource Hash

8aba6298f908385d09365b50082b23e201444c0e2d5a42d82bf98c25c1460be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 362 B
440 B 628ms
36ms Script
application/javascript 158.101.192.149
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.101.192.149 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8427bc5f38727831b33ee14188e5b1d4a95185b5c0eeae85d4fcc77c5ec3dc29

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 362
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 317 KB
69 KB 171ms
38ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43e97e5d45f33c232bdf7848baac24ce64370ce733ad8642a3827e629a853af5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:06 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:32:01 GMT
server: AmazonS3
age: 2447
etag: W/"de657f1c6428dacabc408696f7427fa1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 0UTJb6IkrHJ_z9qjQveUc9iK1OhgteGK
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: gs0z5Ul-4gvi598d1BhowhGWmQ6BJC9oSyaFZvpWL8ST0yoHYjABIg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 204 KB
72 KB 128ms
41ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93960021d02c08d1233877ce47dfb27a15d76c7c5ba482a716735ec46293ff9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72737
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 71ms
28ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: bb6bbbbf98647b93b389dcdb48c5ac50a09f147a53c97ac07af2275db78b2f7c

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 78ms
77ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: de5be5e24c2d64db9fdd8a0f48e6d9ce6f792bf62e4e2baaf8e8449acc7c367a

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:57 GMT
server: gfra1
etag: "620a3a65-e85"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3717
via: 1.1 google

GET
H2 200 opa-3d1a80cbbc4fdc4472eae80c14d918ad.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 103 KB
27 KB 27ms
27ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d71cd26a8d15e08c1bbf30862aea8c3f7b66db1ec5ca08c67d7ff1e03b4ad4eb

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:53 GMT
server: gfra1
etag: "620a3a61-6ab2"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27314
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 116ms
114ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=DA3E2BD71D47A6CF2D1AFC21C022DCE82&h=ad2f4ecf57f73d459aee8b541ca15433&r=0.2157904053926749

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:52 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
486 B 113ms
34ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 63fce060ca5565cee7bafc88f8df55765a3504c8d07ff7b69ae4c26861f86f2e

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
693 B 120ms
52ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:51 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: daad6e4f-387d-4fe1-bdef-2d3fdc4cdd9e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 219 B
438 B 115ms
35ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 40eed9f30c5cf0d5e3e051f8bc376a13f6025f628ad9795d8177c96ccb14cfdd

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151
via: 1.1 google

GET
BLOB 200
OK 13c37d62-5f55-46ff-aaea-52a3cff60886
https://www.thestar.com/ 270 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/13c37d62-5f55-46ff-aaea-52a3cff60886
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e88d5f263945d9341d3180cdab77d99915a1ab21962fabc4312f9ed09a1a0448

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 276588

GET
BLOB 200
OK 1f898004-2c1d-4e62-9920-dfb86d85e4eb
https://www.thestar.com/ 19 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/1f898004-2c1d-4e62-9920-dfb86d85e4eb
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9b392e587ae017404e8c563131cf72e306fe94c2e1ad9cd077dc43e4c1bc84c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 19525

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 103ms
32ms Script
text/javascript 18.66.107.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-107-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 14 Feb 2022 12:10:42 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 130
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: ZNLQl-crtD08h9sTlDDrdV_tjyBukCjLS3z_KfGBDDogO-68f1LsGQ==

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
91 B 58ms
39ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 881dd5e8b6ec07fe96ae408b5f83ad87578ac43f3ef743c2419cefd6fb232edd

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H3 200 vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 219 KB
62 KB 27ms
26ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e405c0d0ab8c71073b5d5f4bac965a420738c11b580602dd5bb76fcd7ca41c7a

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:57 GMT
server: gfra1
etag: "620a3a65-f98a"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63882
via: 1.1 google

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 3 KB
3 KB 240ms
62ms Script
text/html 34.252.133.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YSx2dTWyZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-I%2FFmdJ04glpMDA%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pcode=torontoprebidheader623296055317&rx=748697403913&callback=MoatNadoAllJsonpRequest_96043069
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.133.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-133-182.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 875df698fd711a6df4b52ff39287d1adc45965715ac4c9acd1865c9861a30468

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "ed02400fbb757b5da4ade21d7a46d3ea77d398a0"
content-length: 2955
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame E7E4 1 KB
2 KB 92ms
38ms Document
text/html 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

x-amz-id-2: tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id: 7Y2H1YDSCY2G4ZCG
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=1296
date: Mon, 14 Feb 2022 12:12:52 GMT

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 1349ms
47ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:53 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK 181778-254412191205210.js Show response
js-sec.indexww.com/ht/p/ 139 KB
39 KB 937ms
853ms Script
text/javascript 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Feb 2022 12:11:27 GMT
Server: Apache
ETag: "da16cd-22b48-5d7f950e1717d"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39661
Expires: Mon, 14 Feb 2022 13:12:52 GMT

GET
H2 204 ron.torstar.js Show response
hb.districtm.io/prod/101918/ 0
268 B 95ms
43ms Script
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/101918/ron.torstar.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6dd6350a588c5a13-MXP
access-control-allow-headers: Content-Type, Origin

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 64ms
58ms Script
application/x-javascript 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 56757E705A66F527
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=53778
accept-ranges: bytes
content-length: 54912
x-amz-id-2: PYfLxEWNlwDZ6lCd2UgASgx/6g8HWZPln2hsAZjqzoBk+Jl2tpaR4z8otmipVkvgioLaZjNYc24=

GET
H2 200 / Show response
beijijngmedals.thecanadianpress.com/ Frame DC60 2 KB
2 KB 583ms
463ms Document
text/html 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33588a91c0a35528645dc3f8117443e5c00c70bba1de6ac0132818e1cd6f7ef7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/html
content-length: 2128
vary: Accept-Encoding
date: Mon, 14 Feb 2022 12:12:53 GMT
last-modified: Wed, 09 Feb 2022 20:07:16 GMT
etag: "5386f322030b5a342e33d6597feb9507"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: UO6RUtgTc62EgrCNApYgh_uswVQCjlPLJv_HLYwXAyzp5atr3MvScw==

GET
H2 200 hp-widget.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame A14D 23 KB
6 KB 126ms
39ms Document
text/html 18.66.248.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-66.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 542371cadac2900fe706a2cb72ef579531e1fd5c4035dce4da345ddaadcbe05f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/html
last-modified: Fri, 31 Dec 2021 18:56:00 GMT
x-amz-meta-version-id: Yu_xc7TW93J_peac1Z2v4Y.D22xnV9CW
x-amz-version-id: FXr.crfz3DTu50xCded7GEEku5dpffZ8
server: AmazonS3
content-encoding: gzip
date: Mon, 14 Feb 2022 12:12:52 GMT
etag: W/"085e4d6b945679e45e8c1b6008c083e1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: mWLp9beXsnltA-lXXb4i25jYzdBM54MF-onQUgQX8lPASs8l0ypc7A==
age: 217

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 78ms
78ms Image
image/svg+xml 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=30223624a80ae0acc4e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=30223624a80ae0acc4e0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 09:35:28 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 9443
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Tue, 08 Feb 2022 17:26:45 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"2bf-17eda5f9808"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: d-gr_wIxiZLKTajFVVL2201Oe89f8kxPxIvxyE-TJ6Hh20yhkC8ing==

GET
H2 200 material-icons-base-400-normal.woff2
www.thestar.com/static/assets/ 101 KB
102 KB 62ms
61ms Font
font/woff2 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/assets/material-icons-base-400-normal.woff2?v=fe7e45c2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:09:32 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
age: 200
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 103852
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
etag: W/"195ac-17eda642418"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 2ImCeLaBattSPSI_i6TjX9O0uD2yoUDEN4pYmJFvRPSm4WJ-znuz_Q==

GET
H2 200 star-icons.ttf
www.thestar.com/static/ 21 KB
12 KB 66ms
65ms Font
font/ttf 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/star-icons.ttf?152ecd4302995eadca31c37662f7ecd2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

3817de7ee89900b5db3dc77bec5e75b9d44feea7ab19e7d409092da3c09eb870

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/71.css?v=bc61b869226e524cef2b
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:11:19 GMT
content-encoding: gzip
age: 93
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: https://amp.thestar.com
last-modified: Tue, 08 Feb 2022 17:31:43 GMT
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-frame-options: SAMEORIGIN
etag: W/"5254-17eda642418"
vary: Accept-Encoding
content-type: font/ttf
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uAv58oiYGLoXs1crVIGiVMxPgR9rZqzZNxTfP6Rm4kymMF_1z-ZXQg==

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 98ms
77ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:51 GMT
content-encoding: br
last-modified: Mon, 14 Feb 2022 11:17:53 GMT
server: gfra1
etag: "620a3a61-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 adsct
t.co/i/ 43 B
338 B 224ms
134ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=acfce9a7-7ef6-4b6b-ade8-c5095b501a36&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 111
date: Mon, 14 Feb 2022 12:12:51 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c6b76260a3e4614dbb78554439428603a8ee09942f4cd10c3b769c56cb85f058
content-length: 43

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 84ms
27ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: iMA75Ab0p6hS8sQrQhSvv8Z6m8mRKhYFtG6QLPccaTOOGC0Dw3MDk0XYcWJG8URlm+/p+mR2ej+McTbkH74g3g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 14 Feb 2022 12:12:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 104ms
31ms Script
application/javascript 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 01:45:53 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 37660
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: zGh_o_4v8ddCVhq9GCd7wOESDP7UPYJ7XS3ZP08wlINu215oMXo7LQ==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
524 B 490ms
406ms Image
image/gif 18.66.242.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-12.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: xUJsCMWb1qnLCYEaRNQKzOZHPCM4RkRncBhvrg9e-HMOyhUXkUk79w==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 109ms
28ms Script
application/javascript 18.66.242.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-164.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sun, 13 Feb 2022 21:36:01 GMT
Via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
Age: 52611
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: QO5DQ6L9RZ34vdnhJ-9BMUV4o6mu9XQ6Ws3LUKxDrevfP297NYwTOg==
Expires: Mon, 14 Feb 2022 21:36:01 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 157 KB
46 KB 92ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=456900
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3ca4ba239ed2d8c05925a84d13a62b52aa0abecccede81e4db5d583ba4d3539

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 02:39:47 GMT
server: AmazonS3
x-amz-request-id: GGS6CJCE8HHX56EG
etag: "1092116463757aa17ecc0bdb18195ecc"
x-hw: 1644840772.cds015.ml1.hn,1644840772.cds221.ml1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 46600
accept-ranges: bytes
x-amz-version-id: 0uK.FWXfXeZfVgBak_oV1vcH9geYa0PV
x-amz-id-2: ydQijnIG1OETK74UPr9BrkbKbBAk8rYNKepmdDOj+Zy1X43ndWTc+0qhZktHQ0KWN+NSpm4nb/4=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 92ms
33ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: GtBleBshAfJx9KFXwg43LDlo50FXi9le
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 76
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1SHEK4GDX5C40JQ31W22
date: Mon, 14 Feb 2022 12:11:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: IGQuEURQwNC41f-u6BcnoBW3fWYMM35hXdZoex33ZHpj1SYWy6nzrg==

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
457 B 283ms
143ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=acfce9a7-7ef6-4b6b-ade8-c5095b501a36&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
server: tsa_f
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 25a7e2810cbfe7f4efe3d45c872ac3f9c8e71d2964963c5e8ae9dfdf0bb1955f
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 css2
fonts.googleapis.com/ Frame A14D 4 KB
1 KB 119ms
36ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f4db5659caa6188fbf8fa4d789652351c6b4e115aceed4d97b560e918c53fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 12:01:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 12:12:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 12:12:52 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame A14D 207 KB
69 KB 51ms
44ms Script
application/javascript 18.66.248.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-66.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
age: 87
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
date: Mon, 14 Feb 2022 12:12:52 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: P_h9t1-u2iye4S69OkqoXyTVN-t1Ne34gFUMr9iPf_h3UMkYPx_VEA==

GET
H2 200 needle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame A14D 470 B
882 B 38ms
37ms Image
image/svg+xml 18.66.248.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/needle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-66.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: PHp84jahms4CJNjldWqFykMudiRkBAyd
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 18:23:00 GMT
server: AmazonS3
age: 259
etag: "7b192d8826a89c17b265266118be34e4"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Mon, 14 Feb 2022 12:12:53 GMT
x-amz-meta-version-id: MV9uaQT60tDgvyFTmtizWztglNGxBqZN
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 470
x-amz-cf-id: 4WysMicK81q-qe8LM1ksN4sc-27Sz8I1vqtVjYb4PQHHrU-HNk6nug==

GET
H2 200 greyneedle.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame A14D 465 B
836 B 37ms
37ms Image
image/svg+xml 18.66.248.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/greyneedle.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-66.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: jfLD05iZMIZ7gkaEXfKmtY6Chs0LH8kp
via: 1.1 6b2d62d60926d8d51fdcbcc94fce643a.cloudfront.net (CloudFront)
last-modified: Tue, 27 Apr 2021 15:34:40 GMT
server: AmazonS3
age: 259
etag: "7a9e2f9f869c3b5f5c1b0bc84c743854"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Mon, 14 Feb 2022 12:12:53 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 465
x-amz-cf-id: yDyZx-MyZIPHshUdxikXn9rn6xj7l-eRANzD2qMyMFtRldAqBa5AMQ==

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame A14D 804 KB
56 KB 986ms
263ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=ed270bb8-340b-41f9-a7c6-e8ef587e6d11&offset=17&limit=1000&callback=getCaseData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5452575314e1670666677df12b99c0b0b0f86fdd6a076e1bdf374e59f36a75c1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Mon, 14 Feb 2022 12:22:53 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame A14D 186 KB
13 KB 320ms
283ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=0f8b343e-fc28-4ca5-9aab-c3a1d2c919f1&limit=2000&callback=getLTCData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 335e965a01427602557c0e4e0407bb012cbebab68012fb57488c62df20eaee91

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Mon, 14 Feb 2022 12:22:53 GMT

GET
H/1.1 200
OK datastore_search Show response
data.ontario.ca/api/3/action/ Frame A14D 184 KB
20 KB 532ms
276ms Script
application/javascript 52.139.4.139
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=8a89caa9-511c-4568-af89-7f2174b4378c&limit=1000&callback=getVaccineData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.139.4.139 Toronto, Canada, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 143931a05844543ad39fb3df7fbfc9c8411b32fd5bfd1b00f29fe80ff3202c6c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=600
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
Expires: Mon, 14 Feb 2022 12:22:53 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 248ms
55ms XHR
application/json 34.241.151.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1644840774168

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.151.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-151-12.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7df2ab0e05822016b88243baf75d0cb2bee05eba7d693ef0e8df9ecbb7fd29ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v027-0654e5006.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ikACxsCMRsM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 326
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/ 33 KB
12 KB 34ms
33ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:11 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2442
etag: W/"820eb42f3120ddf65e303b24a8285815"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: vz03mFQIjr.BEzGMOXecgqTlf5QWgol8
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: gTwoECLWWr6qHX_g6UlwuV40IS5DtiMy_8xkXgmLz9SNQhMYRLdluQ==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/ 3 KB
2 KB 34ms
34ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:11 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2442
etag: W/"abbe69e5c8f385f00652c3d0c2bba347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: Rs_uYherBdvpbpMPl1atKolsjOSj8_0j
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: K-QOP-cf-l8XybCdN9CXYwBUyPR7YWZLfa3ydwDTEdDBiJosVjOwUA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 104ms
34ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=e4224147

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e0e64270b66cef6244e5a7463a649e24b93e8908f2600d8fd1c3c5055d27cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27159
x-xss-protection: 0
server: sffe
etag: "1131 / 562 of 1000 / last-modified: 1644839162"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Feb 2022 12:12:52 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
430 B 28ms
28ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:46 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 126
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
content-length: 19
x-amz-cf-id: Ax8YCVeuCmM435bG0CeeW2TT5_wxEErq-DKswrzRmlVSYGjcGWIWng==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
430 B 27ms
27ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:46 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 126
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
content-length: 19
x-amz-cf-id: il3dEXFcpQvdMY_86mo5Tvyyu4hWAsqLzHebbCjJyKbDI2brda_WMw==

GET
H2 200 sportssettingsdata Show response
www.thestar.com/api/ 654 B
1 KB 217ms
216ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/sportssettingsdata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

bc92db10eb34954ec128d6db4e88bced94f3579131eddc361bfd60b329619769

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"28e-aCYZh6sTfsPDyWC7f7L+6JETt3c"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 654
x-amz-cf-id: krALc1MBZ8WCedaPFZGqEQ7x-OvUKrb8IFD5QOJMHtCtSiaZLdKalg==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 19 KB
19 KB 27ms
27ms XHR
application/octet-stream 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e150724e787fc57db27606b4a4eedf0947739a1c80c2157340cf28716e753f3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:09:26 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 12:02:28 GMT
server: AmazonS3
age: 207
etag: "512dff0525875b871ab1407b4824ab15"
x-cache: Hit from cloudfront
x-amz-version-id: WwYCmDc5N3c4pfy6klm073nGtBIwNO.f
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
content-length: 19419
x-amz-cf-id: aau5Ccv-n9XU1IG8dQp_a9xxrrtvZsoFcHA26GL9toWhJU2rpTYWtA==

GET
H2 200 all-home-0-default-default.json Show response
www.thestar.com/ts/api/trending/ 19 KB
19 KB 27ms
27ms XHR
application/octet-stream 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/ts/api/trending/all-home-0-default-default.json
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e150724e787fc57db27606b4a4eedf0947739a1c80c2157340cf28716e753f3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:09:26 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 12:02:28 GMT
server: AmazonS3
age: 207
etag: "512dff0525875b871ab1407b4824ab15"
x-cache: Hit from cloudfront
x-amz-version-id: WwYCmDc5N3c4pfy6klm073nGtBIwNO.f
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/octet-stream
content-length: 19419
x-amz-cf-id: oQrQEkJEtDSd8UrPZXEBIuTENvoL-LQPhU4XKONh6U08mpmjqsghcA==

GET
H/1.1 200
OK widgetloader Show response
widgets.media.sportradar.com/torontostar/ 160 KB
39 KB 665ms
509ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=e4224147

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

0bf24129fdecdf539558d4dc948b494614fdf8647f43231d33d88598ee5299f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "99acc35ca5bd9d93e85da4b58d24da85-0603920f80759006b4feb1c7260e9fe6"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120, stale-while-revalidate=60, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Content-Length: 39835

GET
H2 200 dr_david_gomez.jpg
images.thestar.com/PYtHh080_CTB7f78Kj5Bv71_qYM=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/02/14/catastrophic-surgical-backlog-in-ontario-will-take-years-to-clear-docto... 56 KB
57 KB 37ms
36ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/PYtHh080_CTB7f78Kj5Bv71_qYM=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/gta/2022/02/14/catastrophic-surgical-backlog-in-ontario-will-take-years-to-clear-doctors-say/dr_david_gomez.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9c4c935ecfc59904ac85c8316d4234cbb505e9ae3226b99836d1efeb20382e61

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:04:39 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 7694
etag: "8f4f05f11612252b23db9aeff4c399004b864b09"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 57620
x-amz-cf-id: G-BWq4yMglJBDdwvLulSiNhRSlUtZ9PZasUQFeYnsiyAYCZ735SEjg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 d32eb4fd41b347d8b0b68877805f59bb_d32eb4fd41b347d8b0b68877805f59b.jpg
images.thestar.com/a0cxMgIerHHCy6mMFxQLWsYMF-k=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/13/beijing-olympics-news-team-canada-winter-games-updates-feb-13/ 45 KB
45 KB 71ms
69ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/a0cxMgIerHHCy6mMFxQLWsYMF-k=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/13/beijing-olympics-news-team-canada-winter-games-updates-feb-13/d32eb4fd41b347d8b0b68877805f59bb_d32eb4fd41b347d8b0b68877805f59b.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 183f26ea4fe2c343ae6766e1ccd356a64e75847ee95e3446da0aa2ba634f30c1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 02:01:35 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 36678
etag: "5c6eaf4e5d2bf53d374f2d93e02bb33832f14005"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 45701
x-amz-cf-id: 8qhsdLk6AHKd6mpYgkxJI2uNlStYm3CIwSlxySbKl1vK8WM9-Cx0aw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _1_main.jpg
images.thestar.com/9KJbbXLsDSapJlzChXq9poNfEG8=/690x460/smart/https://www.thestar.com/content/dam/thestar/life/health_wellness/2022/02/13/cold-plunges-are-getting-lots-of-buzz-but-is-it-supported-b... 83 KB
83 KB 148ms
146ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/9KJbbXLsDSapJlzChXq9poNfEG8=/690x460/smart/https://www.thestar.com/content/dam/thestar/life/health_wellness/2022/02/13/cold-plunges-are-getting-lots-of-buzz-but-is-it-supported-by-science/_1_main.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3eb840c90fa2b960a984d3b06f9d59d1b601410b83780df6e2629877dad79767

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:15:25 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 71848
etag: "c45e2dede0a30f034e0ccc392070e7895065fa6e"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 84810
x-amz-cf-id: Agz8tfoIcjdBaIfg477k_Vyk1HVunRE9NEr-6_wujQbftqcTnluQ0w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220214060224-620a3cb9f028e064db724fdfjpeg.jpg
images.thestar.com/Y2bTn-XLaaLoulWWkg4cJIvZdQc=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/14/canada-taking-the-long-route-in-mens-hockey-at-beijing-olympics/ 55 KB
55 KB 71ms
69ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Y2bTn-XLaaLoulWWkg4cJIvZdQc=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/2022/02/14/canada-taking-the-long-route-in-mens-hockey-at-beijing-olympics/20220214060224-620a3cb9f028e064db724fdfjpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a0537c11b003a1decb75be22d0d6cc543c48e9c88466b4e35b06b5eaece163e5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:46:02 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 1611
etag: "ad913445fc5176cbefb0bddbb4670256e3ebe87c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 55923
x-amz-cf-id: bpxs9JmfSp-KfpEHWVnwXJ89-kgDv3v68oa7G3LmiZhmoDua_Sjuew==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 leafs_empty_arena.jpg
images.thestar.com/LOkj0K4HdPT5asPWw8YRitH3BFs=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2022/02/14/inside-the-nhl-win-now-leafs-have-growing-anti-ontario-roa... 48 KB
48 KB 123ms
122ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/LOkj0K4HdPT5asPWw8YRitH3BFs=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/hockey/opinion/2022/02/14/inside-the-nhl-win-now-leafs-have-growing-anti-ontario-roadblock-to-deal-with-plus-tuukka-rask-goalie-class-redraft/leafs_empty_arena.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f9b9e6446d7f175e8589db2fa6d8b787cbfd392331d58b7ec88f32a89c97f75d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:01:47 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 4266
etag: "037a481201d1c64819bc81674a02a998ccf801ad"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 48800
x-amz-cf-id: PFvrURs9KjQWD5Vnrff1XZVWB7owmME6EoyQrVh_3V5TRwK52X411A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 107ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2279
date: Mon, 14 Feb 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Feb 2022 13:34:54 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.4/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.4
https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

5 KB
2 KB

59ms
59ms

Script
application/javascript

2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.4/dist/web-vitals.umd.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2109233
fly-request-id: 01FSX6W4F0HDC3WZ2B0RE4K2JD
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"120b-0F8cYs4ysxGP6ebngBlASGivDqM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6dd635129fb20e1e-MXP

Redirect headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSX6W46Z5C5ZFHB8FKF4AMJN
server: cloudflare
age: 2109233
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.4/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dd635121e760e1e-MXP
access-control-allow-origin: *

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame 6F49 7 KB
3 KB 260ms
52ms Document
text/html 52.210.75.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.75.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-75-127.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 14 Feb 2022 12:12:53 GMT
DCS: dcs-prod-irl1-1-v027-00fd61927.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 19 Jan 2022 13:18:53 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: bWqVUPh8QLY=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
s.thestar.com/ 48 B
507 B 161ms
36ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=47255164298653916142492742556845038112&ts=1644840774966

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

8d6f66493a7fc78db53ef589b2c9a8fe8dc33266b1bad0f99a51f852c84b39b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-w47nf
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YgpHRQAAAKeNXQO1
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=47269294736822312842491903800621531178
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAKeNXQO1

42 B
945 B

56ms
56ms

Image
image/gif

34.241.151.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAKeNXQO1

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

34.241.151.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-151-12.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0e88eeebe.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mYQbm4B6T1M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YgpHRQAAAKeNXQO1
Date: Mon, 14 Feb 2022 12:12:53 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 humphries.jpg
images.thestar.com/0nBZlK6AVitN26A8WvYH035nhO8=/330x220/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/opinion/2022/02/13/canadian-turned-american-kaillie-humphries-stands-alone-... 13 KB
13 KB 32ms
32ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/0nBZlK6AVitN26A8WvYH035nhO8=/330x220/smart/https://www.thestar.com/content/dam/thestar/sports/olympics/opinion/2022/02/13/canadian-turned-american-kaillie-humphries-stands-alone-and-slides-alone-to-monobob-gold/humphries.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 41ff31cc2d4480d58bc5c85ee17c1b78392f83825250e87fb9ed40d886e374ff

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 04:02:52 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 29401
etag: "d13f47f77857711842c391c726aab4a8259d9871"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 13418
x-amz-cf-id: Y8pe7QoK2ikTIEBhq1Ki5YOCoW_aZJSIEgVFqlOf8K3JJFVksPRz8Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ottawa_convoy.jpg
images.thestar.com/OCoQ8XROCwBj7YEeLTzOferiurc=/0x0:1124x749/114x76/smart/https://www.thestar.com/content/dam/thestar/politics/federal/2022/02/13/ottawa-police-want-more-officers-to-deal-with-truck... 4 KB
5 KB 33ms
33ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/OCoQ8XROCwBj7YEeLTzOferiurc=/0x0:1124x749/114x76/smart/https://www.thestar.com/content/dam/thestar/politics/federal/2022/02/13/ottawa-police-want-more-officers-to-deal-with-trucker-convoy-but-sources-say-there-is-no-plan-for-how-to-use-them/ottawa_convoy.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 925dc37d53806eb1b265cad0eada8d5bcd6413b1c2928c892fc34d9837e4113c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:11:37 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 3676
etag: "69eef91aebd20de21b791fa271604101610339b0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 4481
x-amz-cf-id: db9NkkxSi4nv0tMgUBmkuevYskBLaX2JuHq6Ku-uAntZOq2dS3qMIw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ Frame A14D 37 KB
38 KB 99ms
28ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:57:28 GMT
x-content-type-options: nosniff
age: 548125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 03:57:28 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1644840775053&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840775053&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%...

0
224 B

35ms
34ms

Image
text/plain

108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840775053&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 4dzJqwlD3LDymKqFu9QaYQu_Xqa7LvGTWCEeKE5yhGipKbGKX4nb9g==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1644840775053&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada's%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=
content-length: 238
x-amz-cf-id: TVCrDoT2dIjgD3iTX_XZAOnOXsi9f0e1iIGH-YPpgPWlh2XG3ookAA==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 99ms
36ms Script
application/javascript 18.66.245.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.245.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-245-59.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Feb 2022 07:36:47 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 15:53:19 GMT
server: nginx
age: 16566
etag: W/"61f805ef-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 8gGJlwVjZtsWA9Wx08guxmvqLKasRl-UZxbvcNcH_IWfEYf0DYWoDw==
expires: Tue, 15 Feb 2022 07:36:47 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 10 KB
3 KB 401ms
363ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: fc8ca38053185a62da400a7d81fca39035b7f35202a2b571f1498d553c1b8d98

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 5 KB
2 KB 318ms
285ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: a8ad803f7ba4e78ac76c298f68e69d88ae2ed4d389f9bd6082aaa63e3948828f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 9 KB
3 KB 343ms
318ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 2340dce2ad3d048afe7a502a27b037d87a8ed9a15975a214a4331e2c9b1a8e5e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 6 KB
2 KB 337ms
318ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: f19e5a983188eb634fbb84acd91f52675dd2bae3317fd395f3ddf3254ae83803

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 11 KB
3 KB 331ms
318ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6725f37b7e0989851d8c7f342db0bce8e208703d97c772a408dcd61ae3b822c9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 4 KB
2 KB 328ms
319ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 27aff93119159623e908cc6e5dba2590ac1f35ff51493af0379b09fa355309f8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 13 KB
4 KB 289ms
288ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 5d1be642ce02df3eed902b78843e8a99f383bcccddbf4e0b097672d2c018a145

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
175 B 167ms
133ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=pageview&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=2183&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=30&jsfv=nbc&ts=1644840775080&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 32ms
31ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:39:40 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: Server
age: 1992
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: -r-3WMNU2ab2Y210SNWoq3CwCcsqGTMKXltzYaf1uIPHcebPi6YBRw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 115ms
39ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 32231
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Mon, 14 Feb 2022 03:21:03 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: O27bIFnajaCy2V7QfhJrWldzKBUzaKna004BLIXPUwq0LuBziSJPsQ==

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 5 KB
2 KB 305ms
305ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 3ea558b901b3ec4da6aa20dc9d6d7a9b3c3d26f709218e1421fdf93da7566bf1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google
content-type: application/json

POST
H2 200 713 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 49 KB
9 KB 412ms
412ms XHR
application/json 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/713?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2022-02-14T12%3A12%3A55%2B00%3A00&ts=1644840775164

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

5945831480135fa4744e0a3fdc32531b0ce3779526092392138a8e7fdd91aee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 8219
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: iNDTPU3Uv8La-kS80ALf6t3a9ZCVZkybG5u17D227JpXYQPGPHKq1Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main.c102d52c.chunk.css
beijijngmedals.thecanadianpress.com/static/css/ Frame DC60 2 KB
2 KB 414ms
414ms Stylesheet
text/css 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/static/css/main.c102d52c.chunk.css
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d32d26418f0a4cab9453fc8f9ae4350845b201ef329fe69aac4840544f9c213

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:15 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "8f52e309bcedcaae0ca88116671391e9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1664
x-amz-cf-id: umpuNUfU7jLofv7aW0i9oLgwltps4dmBGv-PcRo0Wu_55p650LFl6w==

GET
H2 200 2.3cc02254.chunk.js Show response
beijijngmedals.thecanadianpress.com/static/js/ Frame DC60 214 KB
215 KB 422ms
422ms Script
application/javascript 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/static/js/2.3cc02254.chunk.js
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce645f5d54866ed5cf909b236e041b7e9326b7cdb71e8e507fe5fa79172c5ddf

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:14 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "deb9cd5d6619719d3ba6062c14599849"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 219230
x-amz-cf-id: AlvXswbJ2EcswGqYfOoRSmVUqdMPwgTDMl5_vf-xmeWox0RwlyI4Aw==

GET
H2 200 main.200d8e04.chunk.js Show response
beijijngmedals.thecanadianpress.com/static/js/ Frame DC60 68 KB
68 KB 413ms
413ms Script
application/javascript 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beijijngmedals.thecanadianpress.com/static/js/main.200d8e04.chunk.js
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 501db17c4702013db299f94dd0bb8684f382ab667d5e62f29298d7cf8655ee79

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:13 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "ed0708995271a9895b8578b356acba2f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 69546
x-amz-cf-id: BTAeTP1Me1jqGc2lYkj5c_2mq1qkvJPek2-wlgrT5aIwDT2BCu983Q==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 169ms
54ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=181778
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 205802e728ee2e6fc99329d166ba57cd8dd67e3462a352f8e27a15905790b3d6

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 16 Mar 2022 12:12:53 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
328 B 87ms
36ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 92ms
26ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Feb 2023 10:56:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 203 B
766 B 102ms
35ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

5cb58980d85cf281723d540bba89bab8667e9929132da9cf516b39cbf6afb4c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:53 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 73ms
39ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=702580858&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=2133649609&gjid=1344473869&cid=645813381.1644840775&tid=UA-70431129-1&_gid=848569409.1644840775&_r=1&gtm=2wg290P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F98.0.4758.80%20Safari%2F537.36&z=329112007

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 64ms
40ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=702580858&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=1654000935&gjid=1198100325&cid=645813381.1644840775&tid=UA-73335503-3&_gid=848569409.1644840775&_r=1&gtm=2wg290P86MZHL&z=117216276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 24 KB
24 KB 381ms
45ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 48c2e09fd6c9a2479c5250705a3af4b13dec0c89e94152aed7fd24c59ffb77d9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:53 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 24454
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 28ms
27ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

0aade1454de72aaab14b0ce231e3be92dffd5fe6ff7c1d97498612a0c377edd8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:48 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 125
x-powered-by: Express
etag: W/"2c83-jMZzegW8UD3v7UAs7NiD0ygTxNQ"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6G1U5efjCXc5fT0pCdM8HFVfNohOnsIXakKwcWKi57BaXwewFJ4Gag==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 447ms
108ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1644840775306&plid=35471044&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11149%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1644840775254&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Mon+Feb+14+2022+12%3A12%3A55+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=24918575&u=pid%3D085e546389f1e7f694383ff13b175dae
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:53 GMT
Cache-Control: no-cache
Last-Modified: Monday, 14-Feb-2022 12:12:53 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 144ms
52ms XHR
text/plain 2a00:1450:400c:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-70431129-1&cid=645813381.1644840775&jid=2133649609&gjid=1344473869&_gid=848569409.1644840775&_u=YEBAAAAAAAAAAC~&z=1639390621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Feb 2022 12:12:53 GMT
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
132 B 64ms
44ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 7edbcc3b82301c6e1c94465ceeb5b7c17272fcb45a88bfb8af03de7298b57098

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
via: 1.1 google

OPTIONS
H2 200 47255164298653916142492742556845038112
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 428ms
289ms Preflight
application/json 65.9.78.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/47255164298653916142492742556845038112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-92.ams1.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 14 Feb 2022 12:12:54 GMT
x-amzn-requestid: ffeb450d-2259-4325-961d-349bc6f42b06
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: NiAS-GO6oAMFn9g=
access-control-allow-methods: GET,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 cc03ea6a31b592e93e84115778cdc494.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: WLMP5uJl7IyEfr-BIvqgmn0ARauzm0nv_ioxbAhxtvKrAgCfVJGikg==

GET
H2 200 47255164298653916142492742556845038112 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
417 B 318ms
317ms XHR
application/json 65.9.78.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/47255164298653916142492742556845038112
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.78.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-78-92.ams1.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 cc03ea6a31b592e93e84115778cdc494.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: 42b72370-433a-440e-95ab-89b9d3c0e0cc
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-620a4746-27b3459e60ea050d6288c2b1;Sampled=0
x-amz-apigw-id: NiATAEJiIAMFb9A=
content-length: 51
x-amz-cf-id: T8ZLN52hrPcd1NIpPGyQGhqwydBP3x49QoyVFu9ZUwT4to434VUMfg==

GET
H/1.1 200
OK common_widgets.302c29ff689186dbc6db.js Show response
widgets.media.sportradar.com/assets/ 469 KB
141 KB 47ms
46ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/common_widgets.302c29ff689186dbc6db.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

03430d731a51f0135c19e0f0a3ebd0eb9735e582be8521eabb50c8636025ea53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "51f2fc0f545cbc8ebe02de9942453615"
Last-Modified: Thu, 10 Feb 2022 12:36:17 GMT
X-Served-At: Thu, 10 Feb 2022 13:35:26 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143638
Expires: Sun, 13 Mar 2022 13:35:26 GMT

GET
H/1.1 200
OK us.common.scoreTicker.b747d0c0034ca1069c08.js Show response
widgets.media.sportradar.com/assets/ 502 KB
135 KB 121ms
33ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/us.common.scoreTicker.b747d0c0034ca1069c08.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

0060d2dda7b23b9d68885f719c220efc1e787a7c9dfb017bbefda9ac6a133175

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "1030b9a6819dee8e529f0030726a984f"
Last-Modified: Fri, 04 Feb 2022 20:00:28 GMT
X-Served-At: Fri, 04 Feb 2022 20:55:37 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137629
Expires: Mon, 07 Mar 2022 20:55:37 GMT

GET
H/1.1 200
OK react.6de99b51259fc63a2ae1.js Show response
widgets.media.sportradar.com/assets/ 117 KB
38 KB 119ms
30ms Script
application/javascript 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/react.6de99b51259fc63a2ae1.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

73cb733aad8948c06e0825fe9456eb162f7af568f7ec1b62dbddd161c3051243

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "8d2cdab18cd100e1453be8ee8cec4fbd"
Last-Modified: Fri, 04 Feb 2022 07:47:57 GMT
X-Served-At: Fri, 04 Feb 2022 10:45:59 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37925
Expires: Mon, 07 Mar 2022 10:45:59 GMT

GET
H/1.1 200
OK en_us.json Show response
widgets.media.sportradar.com/translations/ 235 KB
56 KB 166ms
48ms XHR
application/json 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1644495749081&h=5ba72aab0ac62171564e1d9fd5999370

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

6da5dd3b777c8f89f95d3a55c05e7aa16894cb81bf34be13becf45494effbe9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 12:22:29 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=5270400, stale-while-revalidate=604800, immutable
Date: Mon, 14 Feb 2022 12:12:53 GMT
Connection: keep-alive
Content-Length: 56396

GET
H/1.1 200
OK css Show response
widgets.media.sportradar.com/torontostar/ 28 KB
4 KB 533ms
416ms XHR
text/css 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

794f815439957a99ba5c28299d021fcc1b062b687ab8306ece58727baa2f147c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 10 Feb 2022 12:22:44 GMT
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30, stale-while-revalidate=60, immutable
Date: Mon, 14 Feb 2022 12:12:54 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3730

GET
H/1.1 200
OK licensing Show response
widgets.media.sportradar.com/torontostar/ 11 KB
8 KB 564ms
447ms XHR
text/plain 2a02:26f0:fb::5f64:996a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:996a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

/ Express

Resource Hash

aad75ee023ab7b0c9cac9a7049815dd801a93abb524c332e470e7d5b7a8f2d30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
ETag: "b5153aa7bdf558b5586776e5de46c5a4"
X-Powered-By: Express
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=200, stale-while-revalidate=60, immutable
Date: Mon, 14 Feb 2022 12:12:54 GMT
Connection: keep-alive
Content-Length: 8195

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 210ms
209ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

95344dfde60f4020ff7047369f479d442e47843d1e4933598409d2a09d57b04e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"f8c-Oa8vw10HQxuImBajr/pi75nbB5M"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: jWyPSKp8reiKim71FQqAGicia3q5mmf8wHst_MyhyivGJ_md4Zxt0A==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 11 KB
2 KB 209ms
208ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

37f354767d903f5778c18c65bbaede1a266f953431a6e821803656cd516bfe62

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"2a0d-UnXAya+9Bu/EvTyE7Qjjd5rr1SA"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: cu-8hOhKzCh1gL3VPMbKiPpYjki4U0_5QxnzwVw5J0uhACMAOkB6fw==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 6 KB
2 KB 209ms
208ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b4139a4dd4b9334e7c3bb6beb9be0ddb893d665373cec1b8893f0d1f378c1e17

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"19f4-srI/hA1HNtYNr0oKnH3aaEMMWGY"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 7_3pyKbgDvP2UDGBuvaY29nbO0B26enRhDgZ6tIn1eruHIE7hQvyCQ==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 210ms
210ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

e23a6776aa183e28089211911a9921af2d71eff25b3bb156c108eeaddbcbcad9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"1ef9-fQQSGl0ZexEhVwsHo8GQQpJEci4"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 60Beg6EMpoHqF_YY6xr_WSmDazL4fF724_ILIMaNImgU_PkVMOqCoA==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 262ms
261ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

0aadccef70dba22774bb34d89d8bb78dcf357c2876983813122b75edd60be756

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"1009-BxE4FnLydXz+yiURavY34disyik"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: Zr3C-sPQcL3MqK886R1gZymSYivH-Z_cN3vyZGW9sTuXJuwU-rVS-w==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 229ms
229ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

8475d35545e912302704e862b7dbec5fceb6da0c085b7646eaf96b7e24902d00

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"e01-sSW68I488vn+CEAIQ2NnrO3kCGA"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: HZXEWamNdupcaZPA_z7vbYo3FgbcGa5RwYOn46ooVy0gG0aX-CvdzA==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 236ms
236ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

2a7f2dd0765d4a3be21d3655f8f19637e2f2e03e4d69d05963ec6dabd6df6040

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"ffa-SARw/3HnJMbXoOoZOV9ibN3GJKo"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: QrjrSMbCUyuLYplcGhRU0eLRP60XZO77vxlk8Jprh79HfkAIWGSgyw==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 210ms
209ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b75b938326ba99ef43c51f37a07b18c8c6b5699594cf87f3e770901481f5dbe9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
content-encoding: gzip
etag: W/"2020-g0P/ajNlhqI2ypwOviIo+DlyHck"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: 3LVpE-Qq2QBBbvdjeZgMrtnZcHkjn9yRPY_CulwBzi2fUoeRxGEQXw==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

GET
H2 200 30c1d1c006df0a64085b78288f0c555f Show response
e377.thestar.com/plugin/plugin/ 197 KB
43 KB 32ms
32ms Script
text/javascript 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/plugin/30c1d1c006df0a64085b78288f0c555f

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

01cffdff6aab482bfe1b1c63e467769336e0a4016146a581d091a05f9b70f3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 243069
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 43372
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 16:41:44 GMT
server: -
etag: 30c1d1c006df0a64085b78288f0c555f
content-type: text/javascript; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: rwKXzLpvAMc3lO3msUXoPxNJ2PC5YE9xpjfMTLY8Wz3AvvDIPcap6w==
expires: Sat, 11 Feb 2023 16:41:44 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 120ms
120ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=eD2rjARjFpZZm&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:53 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 2FKMP3G1QN54TYQ4Y59P
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nzpxQkNBlP8FiGpH9YPnEOK2X1AalUGMsJCYMIaPCBtbtZaBQ016Ng==

GET
H2 200 mdc.textfield.min.js Show response
e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 31ms
30ms Script
text/javascript 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 809634
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Feb 2022 03:18:59 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: IngvtefCopUCUjf8lguqFxEBuDBcEGpdAK59_a472I29mTPblXxM7Q==
expires: Sun, 05 Feb 2023 03:18:59 GMT

GET
H2 200 6666f343d19afa6e14d2061c890dddd9 Show response
e377.thestar.com/plugin/library/ 470 KB
149 KB 34ms
33ms Script
text/javascript 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/plugin/library/6666f343d19afa6e14d2061c890dddd9

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

d217301d1beca280818807958c12328fb84bdbb1bc7c23702276124c00a4bd9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 243068
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 152264
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Feb 2022 16:41:45 GMT
server: -
etag: 6666f343d19afa6e14d2061c890dddd9
content-type: text/javascript; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: DUS51-P1
x-robots-tag: noindex, nofollow
x-amz-cf-id: JbAPKRnfiRomsp1DAIz6F5RKsC_zLWT0Qz4ij4xSdv8BsiwvEmQQVw==
expires: Sat, 11 Feb 2023 16:41:45 GMT

POST
H2 200 LB-Zone-1 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/713/ 2 KB
2 KB 411ms
411ms XHR
application/json 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/713/LB-Zone-1?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=175219cb-39c0-4519-aba2-9d20283f3986&overruleReferrer=&time=2022-02-14T12%3A12%3A55%2B00%3A00&ts=1644840775652

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

4852fe502fe0076f7731ebfcde29d34f98891893cb917a0ee95d7ca83bb7139a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 878
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 8yal9LrS-oDgMEQ7WiTBxNbsBi9PqeJt0m2G2ps8nW1bYWETDYhIkw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 169ms
44ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Mon, 14 Feb 2022 12:12:53 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 47ms
41ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:53 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 108 B
595 B 493ms
362ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a1b9d144338ed4ee9b0f0333b037b7dbadda35472e25558b49cebdcabd15b016

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:53 GMT
ETag: W/"6c-B1561Z9IXJbQhopLe4lj5i69LgQ"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 108
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
404 B 253ms
248ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: b_WxFw5eV44n1bFBs6Zf6iML8mVCaG1Mp4cu78xJVfMoVu_1VzpE3w==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 227ms
225ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

8c437f676063e9ab67a382ebb571f0c348ff9e91d6528a15813d8905b5ff3c25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"d64-ZqTevFGQmLFUAyc/DTH/obQLaDs"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3428
x-amz-cf-id: E45QP22Mq6BkK9mE2JuQQHHESVhYmM_kJ8TocXiEx4WbNgZmsODJzw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 212ms
212ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

290e60f247d195c19d505e85d5577c7a65e5979661cf8ab253922b52f4973fa1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"6d8-wiVOgIMsguY6l73CGQg3OxrT3qg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1752
x-amz-cf-id: pQxUxQC42Hi-XFenTNOQvIdDn5VgS5MnzbpWwKYpG9q0j_Ghro2VBw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
406 B 212ms
211ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: I2DWRUm1N6TVxareTwtmIeXrxVDX5CnZlInG1iB5cUCUwInBRLC6wg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 224ms
224ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

44218166f78adbc856eeeb93787eabb29f78160232ab88ea59e45dd2bb5831ce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"d5a-In3g8uYs4EJiGTfRwckE9YTDHmg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3418
x-amz-cf-id: 4rF9Vh38HIKUFbzr4HmUiC2x1J_jLtm3a8Q-wEQ8mF2xb5yWH9tIOA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 217ms
216ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

ec8de55b279f65ad4d49aff05ca8b9499ec486a16c87f9be7c43d978bbc465a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"6b5-sZeknLQan94RNRrxRlrbFGFpXac"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1717
x-amz-cf-id: 8dXWDOEEfr6J7OXwpvAwyPJ56_WSv_u9r4MzFpTyp9gIRFfSwkHnSA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 215ms
215ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

8fa66162f2b74aaf28143e8bb208bd2d6a0ac382bdf6673bfd1060a55c3a827d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"356-MWcVlBkS438hxMBSHebXvDolnY4"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: cfJrsUDijHGXcTsQFsY92cnl8eIhItCGzdxWXWW8xyvO7Ld2VmeW2Q==

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 459ms
382ms XHR
application/javascript 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439268&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=yBHt7Dyh&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2a0bd02b3e9a627b15dc5d04c265c55e63b98c1f8a6b919967502d2e2b1afc75

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e3b27a2e-6e69-4058-aa93-787c7ea083b4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 340ms
263ms XHR
application/javascript 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439248&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=KAJycXjN&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b678737a3c8d2d27716eefcf617c29bb779547ea3a18447e940976e2bbee5284

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 63d40f47-a7df-4adb-9858-9f90e5b71b2a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
674 B 152ms
75ms XHR
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439253&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=iOaneWwV&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d9c5a0d3-c25b-4fec-a6c4-5aac0144f1b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
674 B 105ms
28ms XHR
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439260&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=d7gwLqow&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a946adfa-ec92-455c-973e-e20c8dc5d357
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 112ms
40ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_8_btf_728x90_post2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: c9b5142fa6dad2f5c2c029ee99cff04de2abe2d846c95b3b457406008d69efc4

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
41ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_9_btf_970x250_pos2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 2de6473d69f798719521bb28e561ccabef6165eb953945629cc61980d1084827

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 111ms
41ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x250_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 77bb588db394ac21068f852ad2e4447e50817fec8c8ce791d827f37847fb0504

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 108ms
39ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_3_btf_300x600_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 42c457ab4b8f706eada7d0be612217d67304abe5b6e0746f65c39002493b3ce9

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 108ms
38ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_5_atf_728x90_pos1&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: efb866cceb689044f6c72be792a07af39f1dfbf4dfceca88654fdb54e472bbe1

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 108ms
39ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9698d20177773960f13aa96d380022&pos=the_star_desktop_7_btf_300x250_pos2&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: a466fbd0476a9bb39abea5fc422574dcda89fc7dc2b678943413958b9a3c8e33

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
torontostar-d.openx.net/w/1.0/ 131 B
438 B 107ms
38ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://torontostar-d.openx.net/w/1.0/arj?auid=540273844%2C540273838%2C540273840%2C540273842&aus=728x90%2C970x250%7C300x250%2C300x600%7C728x90%7C300x250&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=0&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._VD2ZyQAw&cache=1644840775774&ttduuid=2d168a75-8fbc-4f49-bdfd-4f863474753e
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 42cd8c5ed1ca7f5cff47d76c775c6318006c699450095dcad331a8f6073e5bab

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.thestar.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
77 B 57ms
44ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
cf-ray: 6dd63515daee5a13-MXP
access-control-allow-headers: Content-Type, Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
735 B 100ms
95ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-Proxy-Origin: 192.145.127.219; 192.145.127.219; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c461882e-962e-4d4c-bffd-68b064b63c74
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 185ms
96ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.3745176094750715&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7eac7ce60faa71d442d8a51ce4a4cbfeda92c6f7b934d730a4171676fc0de8dd

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 210ms
122ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.34414036351234123&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 40c92675c2b862eeee265e144b1524ed422d61e75eacfd5197465c72f7dacb55

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 171ms
83ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.4959814269044418
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b92b0ea2dd438aa91ee8e4abeca6e7edcb9860a63a69c02f6ecd6b0effa01a88

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 170ms
81ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.23236079578768476
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0c955580b5c4979d7f769e766cea4d9b70d5d62c7e2f2d2fb566cf7e31a784e6

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
372 B 228ms
125ms XHR
text/javascript 23.0.33.234
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=157269&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2271379719%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22268340%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22268341%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22268332%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22268333%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%228%22%2C%22siteID%22%3A%22268335%22%7D%7D%5D%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22268338%22%7D%7D%5D%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2223%22%2C%22siteID%22%3A%22157269%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2224%22%2C%22siteID%22%3A%22157269%22%7D%7D%5D%7D%2C%22id%22%3A%227%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d168a75-8fbc-4f49-bdfd-4f863474753e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222022-02-14T12%3A12%3A53%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-33-234.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 33d1f21929633391e41530553d5646fd40fe5200715888dc55da7890901995cb

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:54 GMT
x-ak-initial-geo: CC:[IT], RC:[], CN:[EU], CIP:[192.145.127.219], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://www.thestar.com
x-cs-client-geo: 11
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 11
expires: Mon, 14 Feb 2022 12:12:54 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 874 B
1 KB 210ms
208ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

d48b0a2ab9c3acf2723de7777155c2b5a7e085194680eb43fc4fb2a708b847c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"36a-qnU8y4bG44V/WEnrvqWxueLugTM"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 874
x-amz-cf-id: jKK-ksoY1_r1rBkaWaxnqFcQg74E1V_q0SCfYc4lKNrGdGZUtOLmjQ==

GET
DATA 200
OK truncated
/ Frame DC60 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbb5e16606785dc1b8fce16626f44890556c33bc9999b7e9550f75b22a1fd190

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 CP1.242f86cf.png
beijijngmedals.thecanadianpress.com/static/media/ Frame DC60 24 KB
25 KB 417ms
417ms Image
image/png 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/CP1.242f86cf.png
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36d3e260da6c89e8893b03fb5a516d088cb46a136c094fdc5bda05ef2d3cec6f

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:06:11 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "de533e1a2ef0ab3ec739b4dcc4487f49"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24792
x-amz-cf-id: zQBj7ovPM7V89FwGnBxTy_J100AK3h9MPIg4aNvlF9KkyXZbdhJlsw==

OPTIONS
H2 200 v1
vguamh182d.execute-api.us-east-1.amazonaws.com/ Frame 0
0 371ms
120ms Preflight
application/json 54.237.17.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vguamh182d.execute-api.us-east-1.amazonaws.com/v1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.17.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-17-91.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-api-key
Origin: https://beijijngmedals.thecanadianpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 6738a509-18d8-49e0-80af-764c4a091ac3
access-control-allow-origin: https://beijijngmedals.thecanadianpress.com
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: NiATDHTAIAMFptA=
access-control-allow-methods: GET,OPTIONS

GET
H2 200 v1 Show response
vguamh182d.execute-api.us-east-1.amazonaws.com/ Frame DC60 16 KB
17 KB 431ms
430ms Fetch
application/json 54.237.17.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vguamh182d.execute-api.us-east-1.amazonaws.com/v1
Requested by: Host: beijijngmedals.thecanadianpress.com
URL: https://beijijngmedals.thecanadianpress.com/static/js/main.200d8e04.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.237.17.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-17-91.compute-1.amazonaws.com
Software: /
Resource Hash: 7b1a69ec03a22130641a6565cdf14b66d4c650884663e55f16643ed1d70999dc

Request headers

Referer: https://beijijngmedals.thecanadianpress.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
x-api-key: 1EzqH4aTQhzOa06ASUbZ1LFkjdsvySI7HYwwYb05
Content-Type: application/json

Response headers

access-control-allow-origin: https://beijijngmedals.thecanadianpress.com
date: Mon, 14 Feb 2022 12:12:54 GMT
x-amzn-requestid: a9a28f05-0fda-447b-99fd-468b17f82467
x-amz-apigw-id: NiATEGn6oAMFYZg=
x-amzn-trace-id: Root=1-620a4746-00897ff749164eeb40b7d35e;Sampled=0
content-length: 16750
content-type: application/json

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 149ms
130ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3085&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=83&jsfv=nbc&ts=1644840775983&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=3084&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Fottawa-police-want-more-officers-to-deal-with-trucker-convoy-but-sources-say-there-is-no-plan-for-how-to-use-them.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Fwill-limiting-alcohol-make-a-difference-in-a-small-nunavut-town.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Ffreedom-convoy-news-police-have-cleared-a-week-long-protest-at-the-ambassador-bridge.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Ftruck-carrying-2000-firearms-allegedly-stolen-in-peterborough-ont-police-say.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F13%2Fcoroner-to-investigate-after-man-falls-to-his-death-from-montreal-condo-tower.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F02%2F12%2Fsecurity-expert-mountie-soldier-meet-three-men-working-with-the-freedom-convoy.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 20220213070228-6208fa3155b0724697933a85jpeg.jpg
images.thestar.com/0b1JsvIn6JTQEVQTyd0auKiIqZ0=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2022/02/13/graham-becomes-early-player-to-watch-in-supreme-court-drama/ 38 KB
39 KB 34ms
34ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/0b1JsvIn6JTQEVQTyd0auKiIqZ0=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2022/02/13/graham-becomes-early-player-to-watch-in-supreme-court-drama/20220213070228-6208fa3155b0724697933a85jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: efb07fe7d68c976671a250c72a221417754b6fc8cd90a2451a8055e9a65d1a1d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 16:03:48 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 72546
etag: "9dc60059869b82989796aca39d19f1b732dd7233"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 39402
x-amz-cf-id: nOksesuGOucOm6ELarU6UOK4pDc79SblkJYU_ESSerHkIBe8d5dOnA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 133ms
130ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3097&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=89&jsfv=nbc&ts=1644840775994&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=3095&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F13%2Fgraham-becomes-early-player-to-watch-in-supreme-court-drama.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fasia%2F2022%2F02%2F14%2Frussian-skater-kamila-valieva-cleared-to-compete-at-olympics.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F13%2Fwest-virginia-school-district-investigating-religious-event.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F13%2F2nd-of-5-whales-brought-from-canada-to-mystic-aquarium-dies.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F02%2F14%2Fjill-biden-turns-valentines-day-into-lesson-for-2nd-graders.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F02%2F13%2Fcanada-protests-sound-common-refrain-we-stand-for-freedom.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rams2.jpg
images.thestar.com/aUi0yFtd4ulS1Lrgg93VMwyL-gg=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/football/opinion/2022/02/13/the-rams-are-super-bowl-champions-a-hollywood-ending-for... 63 KB
64 KB 35ms
34ms Image
image/jpeg 18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/aUi0yFtd4ulS1Lrgg93VMwyL-gg=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/football/opinion/2022/02/13/the-rams-are-super-bowl-champions-a-hollywood-ending-for-a-star-studded-cast/rams2.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d4bc81be1c520b6abe69a2cfefff36368e2aee55e84ab17ce69affe094887d0e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 03:58:57 GMT
via: 1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 29637
etag: "1aa1c7b07c3a8ca24378b6a7040d42e1b74eaf6f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-length: 64978
x-amz-cf-id: oEOxlzwE394QZ82_G_hC0ry4WBpnbnEqKr-Mv0Mmo5OxG3jk3DyTVQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 127ms
127ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3126&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=94&jsfv=nbc&ts=1644840776023&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=3125&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2Fopinion%2F2022%2F02%2F13%2Fthe-rams-are-super-bowl-champions-a-hollywood-ending-for-a-star-studded-cast.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Folympics%2F2022%2F02%2F13%2Folympics-overnight-rare-snowstorm-causes-chaos-in-beijing-steven-dubois-wins-another-medal-plus-the-debut-of-monobob.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Folympics%2Fopinion%2F2022%2F02%2F14%2Ffrench-tandem-cements-place-among-greatest-ice-dance-duos-with-olympic-gold-medal.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2F2022%2F02%2F14%2Fwhat-to-know-about-super-bowl-56-from-cooper-kupp-to-eminem.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2F2022%2F02%2F13%2Fsuper-bowl-ads-go-heavy-on-nostalgia-and-star-power.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2Fanalysis%2F2022%2F02%2F13%2Fpascal-siakam-thinks-he-can-get-to-the-rim-whenever-he-wants-the-raptors-star-hasnt-been-far-off.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ftennis%2F2022%2F02%2F13%2Fi-did-it-canadian-tennis-star-flix-auger-aliassime-clears-the-final-hurdle-in-rotterdam.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Folympics%2Fopinion%2F2022%2F02%2F13%2Fbeijing-2022-the-truth-about-canadas-olympic-mens-hockey-team-it-has-question-marks.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 128ms
127ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3139&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=97&jsfv=nbc&ts=1644840776036&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=3138&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F02%2F12%2Fshould-i-be-this-ok-with-my-polyamorous-partner-sleeping-with-my-friend-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftogether%2Fplaces%2F2022%2F02%2F13%2Fice-ice-baby-at-torontos-latest-baths.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftogether%2Fplaces%2F2022%2F02%2F13%2Fgwartzmans-is-a-chinatown-staple-for-close-to-eight-decades.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 126ms
126ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3148&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=102&jsfv=nbc&ts=1644840776046&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=3147&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2F2022%2F02%2F14%2Fa-kanye-trilogy-mrs-maisel-returns-and-an-alien-abduction-heres-whats-new-on-netflix-prime-video-and-more-this-week.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2F2022%2F02%2F12%2Fbieber-wows-a-list-crowd-at-pre-super-bowl-homecoming.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F02%2F11%2Fjon-stewart-is-defending-joe-rogan-again-and-liberals-should-listen-carefully.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 130ms
129ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3164&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=105&jsfv=nbc&ts=1644840776061&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=3162&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2F2022%2F02%2F14%2Flooking-to-switch-careers-in-a-post-pandemic-world-you-may-not-need-the-training-you-think.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F02%2F12%2Fshould-i-be-this-ok-with-my-polyamorous-partner-sleeping-with-my-friend-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Fcontributors%2F2022%2F02%2F13%2Fan-invasion-of-ukraine-would-be-a-catastrophe-but-a-larger-crisis-is-already-underway.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2F2022%2F02%2F11%2Fflorida-condo-collapse-settlement-leaves-survivors-including-canadians-furious-there-are-grown-men-crying-today.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F02%2F11%2Fjon-stewart-is-defending-joe-rogan-again-and-liberals-should-listen-carefully.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F02%2F11%2Fmy-friends-boyfriend-has-an-abusive-history-with-her-how-friendly-can-i-be-with-him-ask-ellie.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
604 B 82ms
47ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09462845220b3bb7780eee9a9e11a3b74563b18ab5c4760e279dfedb3f0e70b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 12:12:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Feb 2022 12:12:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Feb 2022 12:12:54 GMT

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

123ms
123ms

Font
text/html

143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
etag: W/"13c5d-2aOScd4HGjjnunkF7csZIZAxHhA"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
x-amz-cf-pop: FRA50-C1
x-frame-options: SAMEORIGIN
x-powered-by: Express
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-id: tzwA9MsIPgMqJR2l649CkYo07UGQYJcvdj4oL0IT-7rf219X6xWokA==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

Redirect headers

date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: FjVBD2a9JTj8HPHGCHpXdP2QG2etl5iWT4ds_nA7PurjH1qVcPgKuQ==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 130ms
129ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3186&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=114&jsfv=nbc&ts=1644840776084&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=3185&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2F2022%2F02%2F14%2Flooking-to-switch-careers-in-a-post-pandemic-world-you-may-not-need-the-training-you-think.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2Fpersonal_finance%2Fadvice%2F2022%2F02%2F14%2Fhow-to-get-your-financial-swagger-back-in-five-easy-steps.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F02%2F13%2Ffive-things-to-watch-for-in-the-canadian-business-world-in-the-coming-week.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 2777ms
770ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

ce11d1dfc55e242dd2bbcf9fa94c5d809f050282ac7c62bb9f34126cf1f5b0e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"a655477004180967ce0ab5fc368d7f2514eda61a"
xip: 2001:ac8:24:44::18
x-srv: fishnet-prod-feedsbackvar01
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-wbxwrnrz
grace: none
content-length: 927
x-feeds-fv: feeds-prod-vie1-var-lp
last-modified: Mon, 14 Feb 2022 12:08:17 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 689087732, 897808450 897744563
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web08
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:13:17 GMT

POST
H2 200 713 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 4 KB
3 KB 411ms
410ms XHR
application/json 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://e377.thestar.com/DG/DEFAULT/rest/rpc/713?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=175219cb-39c0-4519-aba2-9d20283f3986&bctempid=&overruleReferrer=&time=2022-02-14T12%3A12%3A56%2B00%3A00&ts=1644840776362

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

adcc2125258eb603a3921db0ff5293df0ce1f3e87906f1278cbb9ce6f155fc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1633
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: kECP6h_t8p51sLoAhYyi1Z80geO8pH6rCup0tu7OrJ3vzn8hzSKdqw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 713 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 369 B
1 KB 411ms
411ms XHR
application/json 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

eae24cd9a561f3b9f66bc4df3a84765c27a45c045856912831fc969cbef8a53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 176
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: I-jku6PkuyEI02I0tVDr1RRzQhB-zyGIscaATcrslQGo45fdDalICQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 713 Show response
e377.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 407ms
406ms XHR
application/json 18.66.248.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.123 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-123.dus51.r.cloudfront.net

Software

- /

Resource Hash

dacca56404974a8e6f565494f8a558e553c31edde62d8559cf75e7f0945f4cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 166
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.thestar.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 5D8eQ9655Op4WRJ8VBf0hJLVXePV3G5liiNG2I2bdw3dN5YvA6-92w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/ 35 B
49 B 132ms
131ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/5c1a020c-60a8-4d41-9796-3eaaab0df75f/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3504&blst=1063&ist=2164&iet=2180&bdst=1064&bdet=1271&bcttt=138&jsfv=nbc&ts=1644840776402&jsk=q9fqmmutk5a97trs&jsv=20220207&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=5c1a020c-60a8-4d41-9796-3eaaab0df75f&sid=57e5b25e-f652-4c83-8805-4f1ce4267f68&pvid=de7851c3-f2e4-42b3-beef-36dbb46b02a0&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F98.0.4758.80+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.5&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=3503&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F02%2F13%2Fcentrist-conservatives-may-have-found-their-champion-in-the-battle-for-the-soul-of-the-party.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F02%2F12%2Fottawa-freedom-convoy-protests-continue-despite-ontarios-new-emergency-measures.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2022%2F02%2F14%2Fottawa-mayor-pushes-to-shrink-convoy-footprint-as-feds-eye-action.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 51ms
50ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20
via: 1.1 google

GET
H2 404 2021-q1-shop-low Show response
www.thestar.com/api/overlaydatarule/ 178 B
592 B 28ms
27ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/2021-q1-shop-low

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

b8e8734d09cbff47f0afe26e91200cd19071e79647f718cd7b5c2ba16a13ebf7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:11:25 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
etag: W/"b2-DayMIL+sW45ETiP4eQTH7WZtEKg"
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 89
x-powered-by: Express
x-frame-options: SAMEORIGIN
x-cache: Error from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
content-length: 178
x-amz-cf-id: TPowEaGfla7LV1SAEsGtGneF6I3FJQwWLCdi939OR4NwoWnwQy1-Fw==

GET
H3 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v20/ 35 KB
35 KB 72ms
27ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v20/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 03:01:38 GMT
x-content-type-options: nosniff
age: 378676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35436
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:24:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 10 Feb 2023 03:01:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
792 B 124ms
64ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 116ms
56ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 66 B
858 B 120ms
120ms Script
text/javascript 50.16.19.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=175219cb-39c0-4519-aba2-9d20283f3986&&callback=bc_json715

Requested by

Host: e377.thestar.com
URL: https://e377.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.16.19.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-19-147.compute-1.amazonaws.com

Software

- /

Resource Hash

85b7f2e7d8a366f66cd258cc0eadbd3788d36f638b75cf5d9a4360337ae0aaa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
429 B 112ms
36ms XHR
text/plain 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=157269&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:54 GMT
X-AK-INITIAL-GEO: CC:[IT], RC:[], CN:[EU], CIP:[192.145.127.219], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://www.thestar.com
X-CS-CLIENT-GEO: 11
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 11
Expires: Mon, 14 Feb 2022 12:12:54 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 464 KB
50 KB 565ms
532ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2355942415673206&correlator=115308525303887&output=ldjh&eid=31061814%2C31064837%2C31060888&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220214&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=728x90%7C970x250%2C300x250%7C300x600%2C1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250&ppid=47255164298653916142492742556845038112&prev_scp=pos%3D5%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D90%2C80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26m_gv%3D40%2C30%2C20%2C10%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26m_gv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26m_mv%3D70%2C60%2C50%2C40%2C30%2C20%2C10%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3D%26tkspo%3D8%26env%3Dbeta%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_death_injury%252Cmoat_unsafe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26gs_channels%3Dts_sprts_tlvsd_gnrl%252Cgs_health%252Cgs_sport%252Cgs_covid19%252Cgs_entertain%252Cts_pl_nws_lctns_cnd_ntnl%252Cts_sprts_ctvty_bsktbll%252Cgt_positive%252Cgv_death_injury%252Cts_bz_ndstry_gnrl%252Cpr_test%252Cts_pl_nws_lctns_cnd_prvncl%252Cts_sprts_tlvsd_smmr_lympcs%252Cts_hlth_general%252Cgs_event_olympics%252Cgs_politics_misc%252Cgs_news_and_weather%252Cts_tmtv_ntrst_n_gnrl%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub&cookie_enabled=1&bc=31&abxe=1&dt=1644840776564&lmt=1644840776&dlt=1644840773126&idt=2309&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C253%2C0%2C436%2C1047%2C436%2C436%2C436&adys=8717%2C2356%2C0%2C0%2C1002%2C4857%2C6120%2C7315&adks=3893840799%2C1330620276%2C2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&vis=1&scr_x=0&scr_y=0&psz=728x90%7C300x250%7C1600x0%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90&msz=728x90%7C300x250%7C1x-1%7C1600x90%7C300x250%7C728x90%7C728x90%7C728x90&ga_vid=645813381.1644840775&ga_sid=1644840777&ga_hid=702580858&ga_fc=true&fws=0%2C512%2C0%2C0%2C512%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=1%7C2%7C0%7C0%7C0%7C3%7C4%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

9dd087c597ced16e26d0066514401672dc38967008ea37155200092af7a9f56e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51488
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fd2a5b2262cba309acfae38228949d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7C2A 6 KB
4 KB 161ms
34ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd2a5b2262cba309acfae38228949d11.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Feb 2022 12:12:54 GMT
expires: Tue, 14 Feb 2023 12:12:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 64 KB
12 KB 28ms
28ms XHR
application/json 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=64f03932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-71.fra50.r.cloudfront.net

Software

Apache/2.4.52 (Unix) OpenSSL/1.1.1k / Express

Resource Hash

1be4cf0c02a6b1a191f4ee5a059710295dc90697457419e218c8f89f7108dbd0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:10:51 GMT
content-encoding: gzip
vary: Accept-Encoding
server: Apache/2.4.52 (Unix) OpenSSL/1.1.1k
age: 123
x-powered-by: Express
etag: W/"ffd0-pNPL36GclLGQRPVKtohyqJmJEa4"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VLWUlUW4x2Oc6OF6xXQwWx-3FKVHYDn-eVMNecNJhsw2Q6g2DD77Zg==
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 12 KB
5 KB 31ms
31ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4732c25586a397ce39e3d031693be639c13420460a55af067a618f7d4f557d0d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:07 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: W/"4437a09f1c8b1fb3892e5ec004150e8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: IjdrgttekPIGYC1DAjf1l8BxbFWwASUN
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: o9r2kJS0K5_2IDOFeRSlX8SN5_XRkoqaQ8qwrOtK-XtSzHuXa770ww==

GET
H2 200 RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 1 KB
1 KB 33ms
31ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC2c755b7ef3ef4f3882b1ae8279370b69-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fb45af203288313f50cecb966712a184c35df4ef86785230c38d8c3eee731d7

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:07 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: W/"7bce51a23d047022cae069e168e9a4ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: c_aRIL3gt7j6hXZYAsSGueDC8Q9XXeGZ
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: 3vAW88mYqKYGRBSQHm3Am9wT3oRhhGzAHXCf89wB01FMh7PKSpCTAw==

GET
H2 200 CAN.7c978439.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame DC60 1 KB
2 KB 136ms
135ms Image
image/svg+xml 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/CAN.7c978439.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:06:12 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "b71457da8c07b4e1227595484480ec14"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1423
x-amz-cf-id: d05hkYG6jAmTrtuGR0bqU-8NmypE0Z872JhUzNuQTOm43uFjB9M6Zg==

GET
H2 200 NOR.7a613ae5.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame DC60 517 B
839 B 419ms
419ms Image
image/svg+xml 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/NOR.7a613ae5.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86edd1bd7bd5f3251da12cd3c5b391deb666745d36daf364bfaf0a5aa5d59bc5

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:05 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "d27dd8f0d5c75aa2f4b709a105127fa1"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 517
x-amz-cf-id: Zg3MpJ9hi9KqCZr4ZVLhEi9l9ED8KjqqZz-5_XCoqYJKLcrCeqLIWQ==

GET
H2 200 GER.67bf05d4.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame DC60 493 B
814 B 136ms
136ms Image
image/svg+xml 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/GER.67bf05d4.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eba233c164f038c5c6065889f84c84fd193325dd13b6fc734fe30ef4f34a8081

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:12 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "6e41aa3c758e40cc126afa4d80bb7158"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 493
x-amz-cf-id: 9zZ5Lam3DAs1K-ya-Lj34uqBrrziqSnm2ZZacdUCqZclCztrWpMx-Q==

GET
H2 200 USA.ec4754c6.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame DC60 1 KB
2 KB 419ms
419ms Image
image/svg+xml 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/USA.ec4754c6.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:07:07 GMT
server: AmazonS3
x-amz-request-id: 8931ZRMXQ8Y3PWK5
etag: "dc797c10f6dc6fc6d9d03274dbb3c16c"
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 1479
x-amz-id-2: /Jot3PqdwJBXgtljYEY/PdhB9M3rXR85Kg0DWHr/n+2oIn3SATZo2PifcEzzB2j9IBLoDK1+zz8=
x-amz-cf-id: 9kBjxoiQJk33Wq2zty78G0I76ELQoV_OSG3Y_mWpC7d0HOBUM-B9_g==

GET
H2 200 NED.398702d5.svg
beijijngmedals.thecanadianpress.com/static/media/ Frame DC60 219 B
640 B 410ms
410ms Image
image/svg+xml 2600:9000:224a:5c00:b:bed1:3e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beijijngmedals.thecanadianpress.com/static/media/NED.398702d5.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5c00:b:bed1:3e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 494874a05c407cfb2315f6aa8fc056e62fb7d5b6d8cde0761bbbb4ad477c9fbb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://beijijngmedals.thecanadianpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 20:06:11 GMT
server: AmazonS3
x-amz-request-id: 893EZ7CJ5NE2P51H
etag: "6e0a056a4cb13462b51a9df346bf4923"
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 219
x-amz-id-2: OiODWEeNQN92vLNeRdVbVu0isxbLhLndtJFM42phTrO0icZHTdGkv4gXbc8pvOEQ516aYwYhlxo=
x-amz-cf-id: 8704ueJlT2-NtoNJDDeW3up5b4IE9qHCOgYAGx8nBNyfnxgQBr8brw==

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 93ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2663514a298880242dd66949e5b2455c7e18636ed98bc8939850a8a9dded2c33

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89208
x-xss-protection: 0
pragma: public
x-fb-debug: MmECriKXD8Emg8SO92asLsUJWJp+/KUWseRPMGIDD991P7goG5/QHqNUafi35C8VfH55HfigiAnoX73yvs6Iyw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Feb 2022 12:12:55 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 RC304342cd3a9f487980371091639a8dc3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 813 B
1 KB 34ms
33ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC304342cd3a9f487980371091639a8dc3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 897727e6dcdbc2eaa7547078b9ab387ce0c4d5d1bdaa3f42982133adbbbc4e2b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:08 GMT
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: "8a8100b71a73423bb06975d74d23d077"
x-cache: Hit from cloudfront
x-amz-version-id: f2r1ThsCrfYp4UAW2WDmvaay85M0VYGq
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-type: text/javascript
content-length: 813
x-amz-cf-id: r4qiZ-8uJJ2yjKLHXEUrJEe7i-_ZXAWvdcmsLFkqmknmlUQ8EFHhPA==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
5 KB 31ms
27ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 01:07:27 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000054-IAD, cache-fra19155-FRA

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 2 KB
1 KB 33ms
32ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b26bbc0b1784322ee18f51bfebab8d20823c77eeb37d50ac9eecf804dc7146ac

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:08 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2448
etag: W/"8d6c5fefc0f7f8dcf4128e7e4a04d357"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 1rWERgMKIxQ2wxH1uBx6RRU.mrkUDE6t
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: eZlxXWbnkXl2nxz0_IODYQwES79aZ3iGVB80joLyzjPT11652jc8ng==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame 1B6C 220 KB
61 KB 88ms
25ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1B6C 16 KB
6 KB 168ms
106ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1B6C 96 KB
29 KB 169ms
107ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1B6C 5 KB
2 KB 168ms
107ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 1B6C 42 KB
13 KB 165ms
104ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
DATA 200
OK truncated
/ Frame 1B6C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38272e882bffaf7fa3bd922044357d53f379420204b9721339bb4e53667d79ee

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7697924598406429374
tpc.googlesyndication.com/simgad/ Frame 1B6C 24 KB
25 KB 127ms
67ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7697924598406429374?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkLw7GFPGI6MdXN9njRl50yzngfLw

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2f37ee269c9d050326eb74906dbe3d57fa541cdf086ec86ee4235c14b58cbec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 15:04:05 GMT
x-content-type-options: nosniff
age: 508130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24979
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 12:47:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Feb 2023 15:04:05 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B6C 2 KB
3 KB 198ms
139ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 61987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Feb 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B6C 295 B
353 B 90ms
31ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1B6C 0
0 75ms
71ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWaM_RkcKYvuGOYXw3gOal6G4Do3owdtnhJiw-9QP5Oew3OsbEAEgx-v2HmD9gpGE6BGgAeSMkLYCyAECqQJCkGVF9QazPuACAKgDAcgDCKoEsQJP0DX1qs4_zEwWaNZ7lyY4VtWeY8aHfGBPAs-RbSsJ6Qyqb1olu-Abc4eYCCOsS97PPcoWMC23-DwfiDlKFNN9rtCFs6FELfk98ASCw964LZtuXFvFISiqekxvPnYg4kATB0eVPoGf-wXwCTA9sxxhM-dfiiNxcjZPuWutRA5vV2WU0WriN5Jdqc8Cc-mMm1xbGHPW0xfk_MKwpWmdeDGXo2nho0nlUfwfMLkjkaV5x9hiVMmTdn3QlfiW1qq3uwJSv5nwKK4K8CkqKnwDIARqgqME4pHBE6HLI0GZQorRHdFe9Q0X5q_w78b4bPeZ06OPX7-2wLmTRVMmG4tf3BO4AC6gZcHs0TU2uCn_ByDJOfL0wC-xOG2nRUrJV7dH_DzUEqDPAJFlJxp2oZd9IbN1_sAEsY7F6vQD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4Tz78kBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4NEF0ggJCIjhgHAQARgdgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTgxODg0MzE0MjU1MDk5OTcYlJkU&sigh=hMmUsDMsc9s&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame 14A6 220 KB
60 KB 103ms
53ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 14A6 16 KB
6 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 14A6 96 KB
29 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 14A6 5 KB
2 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 14A6 42 KB
13 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 14A6 2 KB
3 KB 75ms
32ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 61987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Feb 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 14A6 295 B
353 B 74ms
31ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame 14A6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27923298ebe479ae1485e71ad8ba493d087075c737c54844b6863bfc932dd5a1

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8417969777588200349
tpc.googlesyndication.com/daca_images/simgad/ Frame 14A6 82 KB
82 KB 124ms
87ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8417969777588200349

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4583152c3fb7bcf1cf2322b1a3d0d9181b52e8fcd2dea4700a790199654b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 08:37:23 GMT
x-content-type-options: nosniff
age: 99332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83471
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 13:31:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Feb 2023 08:37:23 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 14A6 0
0 75ms
70ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChoVURkcKYvyGOYXw3gOal6G4DoHAlLFo2NifxfAMmbPLntkhEAEgx-v2HmD9gpGE6BGgAZDp1v4DyAEC4AIAqAMByAMIqgSjAk_QtMuC84h04yo3ZaSnTFXxQswctqnKw7nAN1LOsTMKg3DZJwAm3CIWhOC6jQDeMwtjCMDbHeYumxZKExqghzES_llCCReXAk1vG6CZnuEt-nUA7uorEKobG0VAa_4ceCeACBWPbWiqWsgI7r7o3dX9H6jUS2BTGhMLEm3rm5DC-4E6ee4xrQQXRE6VoHpXnaGGLGVKs8ctmViB4Ov1Dvjq-5PYKe8PicfsZYcS_heq1-7gp3SXgtIIB974ao2YhXTJuezsq_CtrrwDvFXroCPHC7ddp-Fs5PPCxw6mtsaMTj5wAZ7hRIm3Mvl3p59AI25IUukwgzyBeZnKahnmBL8w2Fnmz7D8dmTTw9jiUmQVN5UHgUO7rRgc8LQLYTzH54w9E8AEzviXt8ID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9iWqQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCOhiDSCAkIiOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=titTc-v4ji4&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame 9685 220 KB
60 KB 104ms
71ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 9685 16 KB
6 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 9685 96 KB
29 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 9685 5 KB
2 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 9685 42 KB
13 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Mon, 14 Feb 2022 03:08:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Feb 2023 03:08:38 GMT

GET
H2 200 8417969777588200349
tpc.googlesyndication.com/daca_images/simgad/ Frame 9685 82 KB
82 KB 64ms
33ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8417969777588200349

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4583152c3fb7bcf1cf2322b1a3d0d9181b52e8fcd2dea4700a790199654b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 08:37:23 GMT
x-content-type-options: nosniff
age: 99332
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83471
x-xss-protection: 0
last-modified: Sat, 07 Aug 2021 13:31:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Feb 2023 08:37:23 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9685 2 KB
3 KB 61ms
30ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 61987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 14 Feb 2022 18:59:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9685 295 B
399 B 61ms
30ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 23361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 15 Feb 2022 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame 9685 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac1d08f943da892e3743a62323793f3d059124aed49176b3af77717a17ed580d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9685 0
0 113ms
35ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqvIALBTw5DL9Vpr6LcTkDKJpuZfEuCRq7OkwICk0WQqXK10MV4PV7-t6Ws2OhGPRe23x6
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9685 0
0 72ms
71ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiZKhRkcKYvqGOYXw3gOal6G4DoHAlLFo2NifxfAMmbPLntkhEAEgx-v2HmD9gpGE6BGgAZDp1v4DyAEC4AIAqAMByAMIqgSjAk_QSgiuwuvS17zVa7vnu2CKwcZDv6658ArU6iAWwN-enHTLKdUC1cTi5Wc-ia2qCQQfrAwkCX6xzfHzlY8Zla1rrM2VUUOB3yQdfGlkcSFu2c8R3CJ9agK-jCc7wvueW-CA3u8Gsem1sny18WrM3iXHtxNYaQ50KMrlfjlxNFoqhGmHnP3HYmndnMaY1BxqTCvZ-9dKaYVxuNgYmegnIv_82dFwrSJHWxxq3eneO4gzcUwPGlaYUVumXHhpXsuZ1GSY5UbBER2BgqtEi9R-B0iVpPIB3iwF31AHODOElLDApR2hzZzlTl6YUtNJeOz1_tkNfiSyy8k_TkG0hfwxzzskIEUQVVfF-XDYVczd5eKFlHi4CT2mNRGo8T77etEis3SRhMAEzviXt8ID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9iWqQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDlhhbSCAkIiOGAcBABGB2ACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=dxmhkomzps4&uach_m=[UACH]
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 83ms
49ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8bf9a314c9e16671392d7a048ef850647d644218835cd6be9dd0d24ff3265e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39609
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 70ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54ee7034cc8f34ae8821b8d9d8e710a6d415dddaabba76daeec0eb8757cd32ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35888
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H2 200 RC2f54281ab7324fd39f76106466b9b969-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/ 1 KB
1015 B 32ms
31ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/RC2f54281ab7324fd39f76106466b9b969-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50063c382b074e0b9fb907b397615cdc7843212f71e01e11442af7c5e1786b42

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 11:32:10 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 11:31:34 GMT
server: AmazonS3
age: 2446
etag: W/"43caae725d2905a9d469a4a8835b4006"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: vkSXZWe70zghMlS3vkfWUmLRyYAruVwn
via: 1.1 9f88eecf68d9192420b110f5f3f14fd6.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
content-type: text/javascript
x-amz-cf-id: Xbd8-cmZK1TwB-NkeyFCJ8WuWwfJFKrP6kPZi5ir83PtP39HTgPfeQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 77ms
25ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1644840777376&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1644840777374.1221453757&it=1644840777133&coo=false&exp=p0&rqm=GET

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
117 B 149ms
149ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=ead5bacb-373d-4346-b7f8-95d71ceca81a&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: gzip
server: tsa_f
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 25a7e2810cbfe7f4efe3d45c872ac3f9c8e71d2964963c5e8ae9dfdf0bb1955f
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
101 B 134ms
133ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuz9l&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=ead5bacb-373d-4346-b7f8-95d71ceca81a&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 108
date: Mon, 14 Feb 2022 12:12:55 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c6b76260a3e4614dbb78554439428603a8ee09942f4cd10c3b769c56cb85f058
content-length: 43

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 207ms
129ms Script
application/javascript 2a02:26f0:fb:5ad::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5ad::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2112cfbb6291860ee6e89397c0517a9b8c73ffd9d81ac4c108385d08fe162707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39618
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 142ms
71ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 12:12:55 GMT

GET
H3

200

activityi;dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame 60C6
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww...

409 B
361 B

98ms
63ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

8bf27f834574caa37171638f4821f385123452f66df62b3965a9cc6ad4280037

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Feb 2022 12:12:56 GMT
expires: Mon, 14 Feb 2022 12:12:56 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Feb 2022 12:12:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1B6C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

1188ms
1129ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Feb 2022 12:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 14A6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

1189ms
1168ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Feb 2022 12:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9685
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

1191ms
1170ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date: Mon, 14 Feb 2022 12:12:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 418ms
418ms Script
application/javascript 2a02:26f0:fb:5ad::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5ad::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
2 KB 118ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1644840777728&cv=9&fst=1644840777728&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c779b0c005c1e60a18df6713cbdf3fedf2562a4306630e41d29a91033dbeaaf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame 60C6 42 B
63 B 102ms
67ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CNOepLGV__UCFQLeGwodaIcJ0w;src=10230056;type=ret01;cat=land01;ord=8727288161951;gtm=2od290;auiddc=1079409830.1644840778;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 55ms
54ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1644840777728&cv=9&fst=1644840000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=2529556128&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.it/pagead/1p-user-list/698108511/ 42 B
548 B 115ms
55ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/pagead/1p-user-list/698108511/?random=1644840777728&cv=9&fst=1644840000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&async=1&fmt=3&is_vtc=1&random=2529556128&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 62E1 0
18 B 60ms
29ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.thestar.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Mon, 14 Feb 2022 12:12:56 GMT

POST
H2 200 s06282992064027 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.3-LBWB/ 43 B
348 B 38ms
37ms XHR
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.22.3-LBWB/s06282992064027

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/21aeb89a84be/hostedLibFiles/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 15 Feb 2022 12:12:56 GMT
server: jag
xserver: anedge-cdfbd77b-rsq7z
etag: 3532268670315659264-4619357384525060198
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 13 Feb 2022 12:12:56 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
832 B 132ms
50ms XHR
application/json 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612846434758&cb=1644840778139

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.7599645f.1644840776.23ce68b7
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1709646179897345
pin-unauth: dWlkPU9EWXlNakUwT0RZdE16bGlZaTAwTjJJNExUa3haRGt0WmpNd00yRmlabUUzTjJVdw
access-control-allow-origin: https://www.thestar.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 136ms
56ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644840778141

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.7599645f.1644840776.23ce68b8
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1014598486183286
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1B6C 42 B
497 B 128ms
62ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYMdXlbhkKd11ZXDpd1fZpm_1LJ1ZkbwgZ8epD8loqBcx0nl1vrEglWw6VPs2ybACRsDPlyg6uu4Yc2Fra0FuzRejGX4zrL0LygqdiievCN-M8Jub_3g&sai=AMfl-YTCueJQEXCZmQdVqGrHOmqFitxWacWo40B5WLYF68s3LhjdSVQAQ3EfvbFQmVb91e2nCxYP8erdL_RxvH_HUvfAFtkYUGpzasizULR-dS0CJCKYUIL8axoDgvL9HSMkNRRdLJhS8FsPIvY7aY03bxU&sig=Cg0ArKJSzIgEz4AJbTdvEAE&cid=CAASPeRo3W5t3rYPI_G5e5Z3xnKuHG5gUH43hBsx6YpmTDS7k2ONptQCqajiuxqI1bkmTlvObwklsYcrVPDhgtM&id=ampim&o=436,10&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=445&tls=1445&g=100&h=100&tt=1445&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1887631228

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 36ms
29ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=TORONTO_PREBID_HEADER1&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&cm=1&zMoatIS=0&pl=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&t=1644840773745&de=773348581458&rx=748697403913&m=0&ar=944fd8091a1-clean&iw=60a2507&q=1&cb=0&cu=1644840773745&ll=2&lm=0&ln=0&em=0&en=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=torontoprebidheader623296055317&fd=1&ac=1&it=500&pe=1%3A991%3A2177%3A0%3A1065&fs=196859&na=1919269830&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Feb 2022 12:12:57 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 91 B
300 B 273ms
137ms XHR
application/json 54.194.29.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.29.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-29-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ab393638335535822529288f9a68ecc846dc68900740c1f1af25220e9cb5c5cc

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 91
expires: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 74ms
40ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

856102e0cd1426debe5b8f051ff6a82b25e90f28689395c9630f0afc73c89fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9831
x-xss-protection: 0

GET
H2

200

ct.html Show response
www.pinterest.it/ Frame F4C3
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.it/ct.html

413 B
4 KB

227ms
227ms

Document
text/html

2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

f5bdfd7b1558219347ede84962ab06b3bc3207d6385269c08d011f587966d529

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-97d15a9add2b7d1d07db666abb328b3c' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1592373734555412; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-97d15a9add2b7d1d07db666abb328b3c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1592373734555412; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-97d15a9add2b7d1d07db666abb328b3c' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 106
pinterest-generated-by: coreapp-webapp-prod-0a011527
content-encoding: gzip
pinterest-version: a494082
referrer-policy: origin
x-pinterest-rid: 1592373734555412
date: Mon, 14 Feb 2022 12:12:57 GMT
content-length: 278
akamai-grn: 0.7599645f.1644840777.23ce6b32
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.it/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 122
pinterest-generated-by: coreapp-webapp-prod-0a0116dd
content-encoding: gzip
pinterest-version: a494082
referrer-policy: origin
x-pinterest-rid: 1954752169981977
date: Mon, 14 Feb 2022 12:12:57 GMT
akamai-grn: 0.7599645f.1644840777.23ce6a91
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 74ms
16ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:57 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 115ms
51ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 06E3EB2ACDD54DE8982C41F3AD400A9E Ref B: ZRHEDGE0513 Ref C: 2022-02-14T12:12:57Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 112ms
26ms Script
application/x-javascript 2a02:26f0:ef::5c7b:c25a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c25a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 14 Feb 2022 12:12:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=11987
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 B24540798.279406836;sz=1x2;ord=414117618908 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 31 KB
11 KB 66ms
65ms Script
text/javascript 142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414117618908?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

2e409d4ca17a4094a0fe278c987a6bcfd3fbcd2e69d6beabbfbaaf8d09460b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11529
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
34 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57d59994d40bdfa1c636d5066c937f11bd7142e0a313e4cd5d7ba0834a388e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35095
x-xss-protection: 0
expires: Mon, 14 Feb 2022 12:12:57 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
113 B 145ms
144ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=11810be8-9490-4e66-b4fa-f6bc75e35707&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 105
date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
server: tsa_f
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 25a7e2810cbfe7f4efe3d45c872ac3f9c8e71d2964963c5e8ae9dfdf0bb1955f
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
101 B 141ms
141ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=11810be8-9490-4e66-b4fa-f6bc75e35707&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 116
date: Mon, 14 Feb 2022 12:12:57 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: c6b76260a3e4614dbb78554439428603a8ee09942f4cd10c3b769c56cb85f058
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
25ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=https%3A%2F%2Fwww.thestar.com%2F-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YSx2dTWyZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-I%2FFmdJ04glpMDA%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1644840773745&de=773348581458&rx=748697403913&cu=1644840773745&m=5248&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11666&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A991%3A2177%3A0%3A1065&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=116011560&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Feb 2022 12:12:57 GMT

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 313ms
313ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

77cd5b400b171e38d18c72be8020c15fe977ef4c59e73b1fa797d45dfc8fa8ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"ba88aaf7efc4636694e77b2a7ad99bf73ea943d6"
xip: 168.119.68.251
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-prod-zrh4-web3
grace: none
content-length: 725
x-feeds-fv: feeds-prod-vie1-var-il
last-modified: Mon, 14 Feb 2022 11:16:52 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 207904497 206818263, 918012060 917746751
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3594
xyolo
access-control-max-age: 10800
x-sbe: feeds_zrh4_web3
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:16:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
50ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js?31064837

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Feb 2022 12:12:57 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 185ms
122ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1644840779104&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=5f077284-3365-431f-9326-2db37f258d03&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:57 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ 8 KB
3 KB 64ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414117618908?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Feb 2022 12:11:18 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
524 B 140ms
65ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstewG4Fo7-zyerJzHqMJ6_PnaugODgdz7Kl9tm1iA53OMv_kYYK0sWlhq1WBBbhMabn6j1G0PqF68B0bh-tyRHA4x5CPuVLBp37wIEX9tJX6bjUMHvE4ejADUMCBUXAZ4n5e_9CFtGi2Q0kyoxVoPM&sig=Cg0ArKJSzBUJjbwtNv6-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220209.81415&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414117618908?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Feb 2022 12:12:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26time%3D1644840779150%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK0BB0bP1hWCQAAAX74Jng0lex_-Uv1zvbmgUlcPx5N...

0
155 B

365ms
125ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK0BB0bP1hWCQAAAX74Jng0lex_-Uv1zvbmgUlcPx5N22yxyrUAhtPxdXy_vUdzoydZUg
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:58 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: q0PcFPml0xbwfieoSCsAAA==

Redirect headers

date: Mon, 14 Feb 2022 12:12:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F4AE213179A64B49B699C1DA1EBB5011 Ref B: MIL30EDGE0108 Ref C: 2022-02-14T12:12:57Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&time=1644840779150&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true&e_ipv6=AQK0BB0bP1hWCQAAAX74Jng0lex_-Uv1zvbmgUlcPx5N22yxyrUAhtPxdXy_vUdzoydZUg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXX+VZFUx4xUX57gVhAMA==

GET
H2 200 13008914.js Show response
bat.bing.com/p/action/ 684 B
752 B 227ms
226ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/13008914.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: 1251f8afa6eda7bbc51b2d073ac8cd4acc99a938b595aaf41d97068e6672d261

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E06D612E166249A9ACFDFA09767ADAD1 Ref B: ZRHEDGE0513 Ref C: 2022-02-14T12:12:57Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 583

GET
H2 204 0
bat.bing.com/action/ 0
150 B 48ms
47ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13008914&tm=gtm002&Ver=2&mid=04e451bd-7d7a-4cfa-b8c7-a6f369f8291f&sid=730cb2908d8f11ecade2d5ed16c864ac&vid=730d5d808d8f11ecbdc689bc6ad05a6b&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=6121&evt=pageLoad&msclkid=N&sv=1&rn=890303
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1C613A9431374C50BB3A6659BA4D4959 Ref B: ZRHEDGE0513 Ref C: 2022-02-14T12:12:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 35F2 13 KB
5 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Feb 2022 11:27:07 GMT
expires: Tue, 14 Feb 2023 11:27:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D40B 783 B
536 B 36ms
36ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8ad5ec5f2dac1e32af44cebc381fec69bba9053933a66c19497358843a6d2eff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b5UDSZx2+wBvIGenOMQT5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 14 Feb 2022 12:12:57 GMT
date: Mon, 14 Feb 2022 12:12:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-b5UDSZx2+wBvIGenOMQT5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D40B 0
0 74ms
74ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=2355942415673206&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js Show response
pagead2.googlesyndication.com/bg/ Frame 35F2 35 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 07:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 103154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13483
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 07:33:43 GMT

GET
H2 200 85082 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 3 MB
198 KB 598ms
598ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/85082

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

28f1261f9acdac5e80403307d2573cd5812f128c975a15da8593d9bfd92d33ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"b1d90be3465636be11b87e16e40bfe99b12abc3c"
xip: 151.57.103.96
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ldtjwkwc
grace: none
content-length: 202028
x-feeds-fv: feeds-prod-vie1-var-ob
last-modified: Sun, 13 Feb 2022 16:11:15 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 912415236 926386471, 818154884 814299884
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=18
xyolo
access-control-max-age: 10800
x-sbe: feeds_web01
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Sun, 13 Feb 2022 16:11:36 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 598ms
597ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

521e24807293eb4e4b0763969517f0c36ee2754403187190a5f05c7f6ae279b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"9b6db1875ff12b99ab984761cffe79281f79d6c8"
xip: 2001:ac8:24:44::18
x-srv: fishnet-prod-feedsbackvar03
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-qryhirqv
grace: none
content-length: 602
x-feeds-fv: feeds-prod-vie1-var-lp
last-modified: Mon, 14 Feb 2022 12:09:57 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 298047503 287378009, 900600650 899747548
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
xyolo
access-control-max-age: 10800
x-sbe: feeds_web07
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:14:57 GMT

GET generate_204
tpc.googlesyndication.com/ Frame 35F2 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=2355942415673206&bg=!5-Sl5KDNAAbAtJCDwLQ7ACkAdvg8WltYnPiZhaPG7wz9YPFvzLKHkc_CL0SGjim1Oun4ccvIK51tWgIAAABeUgAAAAJoAQeZAs4bQxSOu9DlufldspWUxiGXJhnURmbw8nZEHART-e2sMzqj7Zio1Vdrk0lNgdMdPVZQ7-T60L4-3yA5cEYPDPZcIXFr-AfuEg09u9RBf9RITmKohjREYeqqE7OZYQWR0JjeMkfgYHKa6vIWTApxguTCyYJ3i8Cb9wpIqv3j69iIjbrACUCP0OwNxYX3fnWXhB55dfT-prcbaKu4ceaXBlw3HXXaw4pe4eIjn4sCoehxWVOxaE8Vzf40hrw7Yv8b2KQQKQagJT4bWFBsuLSdLA9HhPyC4cjaZ2H9lBlUq5-g2afmk5ASDopHgARGByBD4E4RIEL8THz4-3eBpN7nGsCaswvBGaBg--cWOWnbvhR7OgZuw-PRMK8Gskc-oZAPUb2Yb5U1zsgTc4gSoyEvfzA2qrzpPupqfCuLE9-ar74C85xqSZa9BNCJBA80qoh8BAeXpTXwUytB2DQ-TB0ZV_HR_XomzlbaZgFKVDcXO_Ma351deNBc_-dF4-kEq7bKG9hXVIjm6gNYX8uH8j-69AFodgac7wOPn_eDqICutFEYDMtzJ2vhiQrAfYNPwX-J4yBfjJm2BaYTnhGO1UlXp4SdCFJ_c_Ezw4CakfOUATfYIIGuq_vInJtCocsBMvkliQ9rF-nd7EQHfdXVGFu1RGyWc_O6p5ulZRikhixLtO6r2bHJM_Ack2Pgcd9N1IZC12hUhGRQYs6Oe9sC3vyfnW_q6U-I8X9Bl1iIM0wTIkGLVNnw_xCXIP_-pfxxwzAlwo5njXBH4sPRuVI6T_ibMbTgmOTTq0rlJATf8ShXq2q4-5PsAIFIXswV73LjmqamARh7MFbh9skBXAzQKKntoo_hDJIrw7VGjqKwIGQrimLAULZGUaiRnHJ3AL12GK-oeeuEzKss3jm9cVMkUWEDnkrcj0tGT3zIkh4sHpDcx8R2vMquIyjM4lh2VP_amEmo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
e.clarity.ms/s/0.6.32/ 53 KB
23 KB 372ms
119ms Script
application/javascript 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/13008914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:12:57 GMT
content-encoding: br
etag: "1d8191fe855c690"
last-modified: Thu, 03 Feb 2022 17:03:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=053A98BFEC744D949172099082A618F8&RedC=c.clarity.ms&MXFR=18BE4C2FBB18631D3EB45D64BF186D5F
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=053A98BFEC744D949172099082A618F8&MUID=19A88A69BFCC69543F1A9B22BE3D6877

42 B
464 B

180ms
180ms

Image
image/gif

40.91.78.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=053A98BFEC744D949172099082A618F8&MUID=19A88A69BFCC69543F1A9B22BE3D6877
Protocol: H2
Server: 40.91.78.9 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:58 GMT
last-modified: Thu, 13 Jan 2022 19:51:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "3bc6e26b78d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7EB54AEB348F4076827DBD4C30F9426A Ref B: ZRHEDGE0513 Ref C: 2022-02-14T12:12:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=053A98BFEC744D949172099082A618F8&MUID=19A88A69BFCC69543F1A9B22BE3D6877
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H2 204 /
www.pinterest.it/_/_/csp_report/ Frame F4C3 0
4 KB 151ms
150ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/_/_/csp_report/?rid=1592373734555412

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-195f968046a47697e6183196228e4fe4' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1334960707323885; frame-ancestors 'self' , script-src 'nonce-195f968046a47697e6183196228e4fe4' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1334960707323885
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.it/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-195f968046a47697e6183196228e4fe4' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1334960707323885; frame-ancestors 'self' , script-src 'nonce-195f968046a47697e6183196228e4fe4' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1334960707323885
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.7599645f.1644840777.23ce6bd7
content-security-policy-report-only: script-src 'nonce-195f968046a47697e6183196228e4fe4' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 30
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1334960707323885
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a494082
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 12:12:57 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a01159a

POST
H2 204 /
www.pinterest.it/_/_/csp_report/ Frame F4C3 0
4 KB 153ms
152ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/_/_/csp_report/?reportonly

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-fd74aee9b0f2d877476d07f6086388f3' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7320487375527655; frame-ancestors 'self' , script-src 'nonce-fd74aee9b0f2d877476d07f6086388f3' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7320487375527655
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.it/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-fd74aee9b0f2d877476d07f6086388f3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7320487375527655; frame-ancestors 'self' , script-src 'nonce-fd74aee9b0f2d877476d07f6086388f3' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7320487375527655
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.7599645f.1644840777.23ce6bdb
content-security-policy-report-only: script-src 'nonce-fd74aee9b0f2d877476d07f6086388f3' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 30
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 7320487375527655
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a494082
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 12:12:57 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011fb3

POST
H2 204 /
www.pinterest.it/_/_/csp_report/ Frame F4C3 0
4 KB 155ms
155ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.it/_/_/csp_report/?reportonly

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-1350584366891832cc32af7539034dbe' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2282610803316262; frame-ancestors 'self' , script-src 'nonce-1350584366891832cc32af7539034dbe' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2282610803316262
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.it/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-1350584366891832cc32af7539034dbe' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-it.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=2282610803316262; frame-ancestors 'self' , script-src 'nonce-1350584366891832cc32af7539034dbe' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=2282610803316262
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.7599645f.1644840777.23ce6bdc
content-security-policy-report-only: script-src 'nonce-1350584366891832cc32af7539034dbe' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 35
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 2282610803316262
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: a494082
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Mon, 14 Feb 2022 12:12:57 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011414

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 27ms
25ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=4&q=0&ai=5903&wr=5901&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YSx2dTWyZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-I%2FFmdJ04glpMDA%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&fl=1&j=&xc=0&xb=0&xa=0&md=0&mc=0&lb=11666&ld=0&lc=0&la=0&cw=1600&cx=1200&sh=11666&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1644840773745&de=773348581458&rx=748697403913&cu=1644840773745&m=5904&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A991%3A2177%3A6122%3A1065&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=847&cd=0&ah=847&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=132442351&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:57 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Feb 2022 12:12:57 GMT

GET
H2 200 90903 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 11 KB
3 KB 441ms
441ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/90903

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

59e0b0f64a00b0ca5cf185408429fb5bb00bc10a6b283e40ed957a83a589baa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"cd377ebf4e0fa9c1e7c6b87e6d8895f7e3c70c18"
xip: 2001:ac8:24:44::18
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ldtjwkwc
grace: none
content-length: 2207
x-feeds-fv: feeds-prod-vie1-var-se
last-modified: Mon, 14 Feb 2022 12:12:22 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 140145949 145033497, 247286008 510433656
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
xyolo
access-control-max-age: 10800
x-sbe: feeds_web01
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:12:42 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
93 B 115ms
115ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Mon, 14 Feb 2022 12:12:58 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 3685.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 222ms
25ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3685.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1a3b"
x-varnish: 279656899 279503304
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6715
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3689.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 223ms
26ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3689.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-17cf"
x-varnish: 279806322 279583028
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6095
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3681.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 243ms
47ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3681.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1b03"
x-varnish: 179636130 178672025
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6915
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3676.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 247ms
51ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3676.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-1707"
x-varnish: 147970012 155811730
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 5895
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3693.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 249ms
53ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3693.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b8-198d"
x-varnish: 144560209 144247380
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web1
accept-ranges: bytes
content-type: image/png
content-length: 6541
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 794340.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 252ms
56ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/794340.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 23 Sep 2021 14:22:12 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "614c8d94-1299"
x-varnish: 285683864 285350732
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4761
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3686.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 37ms
37ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3686.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
etag: "5dd2a1b8-1af6"
x-varnish: 165476143 164898271
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 6902
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

GET
H2 200 3696.png
img.sportradar.com/ls/crest/medium/ 5 KB
5 KB 41ms
40ms Image
image/png 2a02:26f0:fb::5f64:9951
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3696.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9951 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 /

Resource Hash

39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
etag: "5dd2a1b9-1327"
x-varnish: 288543455 287528121
cache-control: max-age=86400
date: Mon, 14 Feb 2022 12:12:58 GMT
x-sbe: logos_prod_web2
accept-ranges: bytes
content-type: image/png
content-length: 4903
server: nginx/1.10.3
expires: Tue, 15 Feb 2022 12:12:58 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
130 B 34ms
34ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 45635837d1de2c73c876b53799af6bbf75b76be719735d854b45739a7b711697

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 14 Feb 2022 12:12:58 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109
via: 1.1 google

GET
H2 200 31647333 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 180ms
179ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647333

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

098a107590aad1c9f618a55473c9044a9747ea3576db475ba4954fa22a754a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"cc2d7b007a1ad9de960dfb4599e0a35a23a04692"
xip: 168.119.68.248
x-srv: fishnet-prod-feedsbackvar02
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ldtjwkwc
grace: none
content-length: 1703
x-feeds-fv: feeds-prod-vie1-var-rg
last-modified: Mon, 14 Feb 2022 11:45:05 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 142413717 83590132, 722997596 603612036
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web01
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:45:05 GMT

GET
H2 200 31647335 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 253ms
253ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647335

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

cd0fdc1ce17de8870ab1025bdd0751ad0d4632bf7dddb4f09618587e6d1890b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"08bc15c3c4ce67105cd69fbfae7adefaff0be000"
xip: 168.119.68.187
x-srv: fishnet-prod-feedsbackvar08
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-dergvdbg
grace: none
content-length: 1731
x-feeds-fv: feeds-prod-vie1-var-jf
last-modified: Mon, 14 Feb 2022 11:36:06 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 1040580134 1041849960, 831259368 584935219
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web02
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:36:06 GMT

GET
H2 200 31647337 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 294ms
294ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647337

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

034d8b0ad6be06a2b0ab91b83f2877e18239f340112417e4729689728f790b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"731948c1393a32882b762e40a650023a23962476"
xip: 168.119.68.187
x-srv: fishnet-prod-feedsbackvar05
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-ixniufmx
grace: none
content-length: 1708
x-feeds-fv: feeds-prod-vie1-var-se
last-modified: Mon, 14 Feb 2022 11:36:32 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 20415418 12584841, 508819744
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3596
xyolo
access-control-max-age: 10800
x-sbe: feeds_web12
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:36:35 GMT

GET
H2 200 31647339 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 4 KB
2 KB 333ms
332ms XHR
application/json 2a02:26f0:fb::5f64:9969
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/31647339

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:fb::5f64:9969 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.10.3 / PHP/7.4.22

Resource Hash

0a2fc84e8dedb434e4de04443303d74daed3bb479303f76f73ff8eb28ff30b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: W/"75893c1a01fcc814815f7759ee2758c88bbfcdc1"
xip: 185.212.169.100
x-srv: fishnet-prod-feedsbackvar07
xipx: 127.0.0.1
x-powered-by: PHP/7.4.22
x-feeds-web: fishnet-feeds-gogkqhag
grace: none
content-length: 1713
x-feeds-fv: feeds-prod-vie1-var-kn
last-modified: Mon, 14 Feb 2022 11:22:23 GMT
server: nginx/1.10.3
date: Mon, 14 Feb 2022 12:12:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-varnish: 537431238 535568650, 730138898 728494371
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3599
xyolo
access-control-max-age: 10800
x-sbe: feeds_web11
accept-ranges: bytes
content-type: application/json; charset=UTF-8
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Mon, 14 Feb 2022 12:22:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 25ms
25ms Image
image/gif 2.21.143.57
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=31&hp=1&wf=1&ra=5&pxm=4&sgs=6&vb=8&kq=1&lo=0&uk=null&pk=0&wk=0&rk=1&tk=0&ak=-&i=TORONTO_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C2%2C2%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-YSx2dTWyZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-I%2FFmdJ04glpMDA%3D%3D&sc=1&os=1-Xw%3D%3D&qp=10000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&fl=1&j=&xc=0&xb=0&xa=0&md=10&mc=0&lb=11680&ld=1200&lc=0&la=0&cw=1600&cx=1200&sh=11666&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1644840773745&de=773348581458&rx=748697403913&cu=1644840773745&m=6907&ar=944fd8091a1-clean&iw=60a2507&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A991%3A2177%3A6122%3A1065&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1705&cd=847&ah=1705&am=847&xd=00&rf=0&re=0&wb=1&ai=5903&wr=5901&cl=0&at=0&d=thestar.com%3Athestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%3A__page__%3A-&gw=torontoprebidheader623296055317&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=940339414&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-143-57.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:12:58 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Feb 2022 12:12:58 GMT

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 44ms
43ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 14 Feb 2022 12:12:58 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 101ms
101ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Allow: POST
Content-Length: 4
Content-Type: text/html; charset=utf-8
Expires: 0
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Date: Mon, 14 Feb 2022 12:12:58 GMT

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 116ms
114ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.thestar.com/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: https://www.thestar.com
date: Mon, 14 Feb 2022 12:12:59 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 7C78 11 KB
12 KB 51ms
51ms Document
text/html 54.194.29.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fcf74337-968c-497d-a870-7ed49c84ca3d&publisherId=TKN100000001&siteId=4204204311&cb=1644840779301&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.29.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-29-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: it-IT,it;q=0.9
Referer: https://www.thestar.com/

Response headers

date: Mon, 14 Feb 2022 12:13:00 GMT
content-type: text/html; charset=utf-8
content-length: 11722
accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
expires: 0
last-modified: Mon, 14 Feb 2022 02:39:15 GMT
pragma: no-cache
vary: Origin

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 7C78 4 KB
4 KB 51ms
51ms XHR
text/plain 54.194.29.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fcf74337-968c-497d-a870-7ed49c84ca3d&publisherId=TKN100000001&siteId=4204204311&cb=1644840779301&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.29.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-29-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a5618047670c6184dfbe77ce3fa91a821fb21538c6afb465f4756fb91cdef636

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=fcf74337-968c-497d-a870-7ed49c84ca3d&publisherId=TKN100000001&siteId=4204204311&cb=1644840779301&bidder=ozone
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Feb 2022 12:13:00 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 cookie
cm.adform.net/ Frame 7C78 43 B
106 B 280ms
40ms Image
image/gif 37.157.2.234

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:13:01 GMT
server: nginx
content-length: 43
content-type: image/gif

GET pixel
ap.lijit.com/ Frame 7C78 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?Aoiwwg

Domain: ap.lijit.com
URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

80 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
e377.thestar.com/DG/DEFAULT	1970-01-20 10:30:00	Name: BCSessionID Value: 175219cb-39c0-4519-aba2-9d20283f3986
torstar.blueconic.net/DG/DEFAULT	1970-01-20 09:39:36	Name: BCSessionID Value: 175219cb-39c0-4519-aba2-9d20283f3986
www.thestar.com/	1970-01-20 09:39:36	Name: selectedCity Value: thestar
www.thestar.com/	1970-01-20 09:39:36	Name: last_visit_bc Value: 1644840773327
.thestar.com/	1970-01-20 09:39:36	Name: bc_tstgrp Value: 1
.thestar.com/	1970-01-20 09:41:03	Name: _vwo_uuid_v2 Value: DA3E2BD71D47A6CF2D1AFC21C022DCE82\|ad2f4ecf57f73d459aee8b541ca15433
.thestar.com/	1970-01-21 03:12:15	Name: permutive-id Value: c1b02ae0-2f53-41ba-9c76-c5805fde2f19
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 03:02:10	Name: pxid Value: 33c897b6-021c-40a8-86ca-1dcbe0e6b99b
.thestar.com/	1970-01-20 03:18:00	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-23 16:30:00	Name: _vwo_uuid Value: DA3E2BD71D47A6CF2D1AFC21C022DCE82
.thestar.com/	1970-01-20 00:54:02	Name: _vwo_sn Value: 0%3A1
.thestar.com/	1970-01-20 03:03:36	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A-1%241644840771%3A40.11906417%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.t.co/	1970-01-20 18:25:12	Name: muc_ads Value: f4fbdb5b-1cfe-496f-a188-0fc4803d5826
.twitter.com/	1970-01-20 18:25:12	Name: personalization_id Value: "v1_9IUqh9griAUaJt30hZThuQ=="
.demdex.net/	1970-01-20 05:13:12	Name: demdex Value: 47269294736822312842491903800621531178
www.thestar.com/	1970-01-20 01:37:12	Name: AccessToken Value: idv2kzmnq89izn98ayi551qsiojas9l8wr
www.thestar.com/	1970-01-20 00:55:27	Name: ios-smart-banner-shown Value: true
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 57e5b25e-f652-4c83-8805-4f1ce4267f68
.thestar.com/	1970-01-20 09:39:36	Name: _ig Value: 5c1a020c-60a8-4d41-9796-3eaaab0df75f
.scorecardresearch.com/	1970-01-20 18:10:48	Name: UID Value: 1C1a7a339c8e929071ea0b21644840773
.thestar.com/	1970-01-20 18:25:12	Name: s_ecid Value: MCMID%7C47255164298653916142492742556845038112
.everesttech.net/	1970-01-20 09:39:36	Name: everest_g_v2 Value: g_surferid~YgpHRQAAAKeNXQO1
.thestar.com/	1970-01-20 18:25:12	Name: _ga Value: GA1.2.645813381.1644840775
.thestar.com/	1970-01-20 00:55:27	Name: _gid Value: GA1.2.848569409.1644840775
.dpm.demdex.net/	1970-01-20 05:13:12	Name: dpm Value: 47269294736822312842491903800621531178
.thestar.com/	1970-01-20 00:54:00	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 00:54:00	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1970-01-20 00:54:02	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1644840775254%2C%22slts%22:0}
.thestar.com/	1970-01-20 18:25:12	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19038%7CMCMID%7C47255164298653916142492742556845038112%7CMCAAMLH-1645445574%7C6%7CMCAAMB-1645445574%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1644847975s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19045%7CvVersion%7C5.3.0
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 10:23:24	Name: _parsely_visitor Value: {%22id%22:%22pid=085e546389f1e7f694383ff13b175dae%22%2C%22session_count%22:1%2C%22last_session_ts%22:1644840775254}
www.thestar.com/	1970-01-20 09:39:36	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.adsrvr.org/	1970-01-20 09:39:36	Name: TDID Value: 2d168a75-8fbc-4f49-bdfd-4f863474753e
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1644840775667
.rubiconproject.com/	1970-01-20 09:39:36	Name: khaos Value: KZMNQ800-G-CZYY
.rubiconproject.com/	1970-01-20 09:39:36	Name: audit Value: 1\|hLZGFuTafB0J4M+2j0cRUlqbBgMWySGKaxJuuRhJfvf1WuVaZUhTAV7p5viM+XFwZ5DH12jhCRGScjHPe80SWMxuhZpbWKLt+XD9g38/+iI=
.adnxs.com/	1970-01-20 03:03:36	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2H`eu]3-f!@wnf-Te9(>wL5L!!'/K$UAb)
.adnxs.com/	1970-01-20 03:03:36	Name: icu Value: ChgI8ppSEAoYASABKAEwxo6pkAY4AUABSAEQxo6pkAYYAA..
.www.thestar.com/	1970-01-20 18:25:12	Name: ts_s_ecid Value: MCMID%7C47255164298653916142492742556845038112
.adnxs.com/	1970-01-20 03:03:36	Name: uuid2 Value: 8384784785671070039
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: 175219cb-39c0-4519-aba2-9d20283f3986
torstar.blueconic.net/	1970-01-20 01:04:05	Name: AWSALBCORS Value: Ir+bmKPSU8Ot0scmenRuqif0jZq6dmydF6ld9FsFLcT2utsha4I+j/zS2wYk9cA9MVwSmX4cZvKWGHlhugRIZUPNXA6ffqjSuOx6o9NavAgkO/RmNR4PI6F3ppfS
www.thestar.com/	1970-01-20 00:58:19	Name: digitalAccessOverlayStatus Value: nextPage
www.thestar.com/	1970-01-20 01:01:12	Name: digitalAccessOverlaySubscriberStatus Value: nextPage
e377.thestar.com/	1970-01-20 01:04:05	Name: AWSALB Value: dqFwgsFDZKulJDRIkYOGJDLgPQ8cnF3jfQzhU/IVre+WLeXO8m2UhKUHZyguHgBlESWtVccTLTkkNof2vn99WZgoa1WJZQdDeWJUEjA6UQiDUquUJOwmXI3whBnW
e377.thestar.com/	1970-01-20 01:04:05	Name: AWSALBCORS Value: dqFwgsFDZKulJDRIkYOGJDLgPQ8cnF3jfQzhU/IVre+WLeXO8m2UhKUHZyguHgBlESWtVccTLTkkNof2vn99WZgoa1WJZQdDeWJUEjA6UQiDUquUJOwmXI3whBnW
.thestar.com/	1970-01-20 10:15:36	Name: __gads Value: ID=2b8744edf76d2c23-22bc116e3fcd000a:T=1644840774:S=ALNI_MbfTw57XFrL3lQdXUMIgsp6I8HdQg
.thestar.com/	1970-01-20 03:03:36	Name: _fbp Value: fb.1.1644840777374.1221453757
.doubleclick.net/	1970-01-20 10:15:36	Name: IDE Value: AHWqTUnKLHggD5vl2oh1t9IMx-UAAuPKVcJ0Jn7QB60_U2Zp-EUuVW6eIl3xKjOzoC8
.facebook.com/	1970-01-20 03:03:36	Name: fr Value: 0YOriZ310lJ2cxHfk..BiCkdH...1.0.BiCkdH.
.thestar.com/	1970-01-20 03:03:36	Name: _gcl_au Value: 1.1.1079409830.1644840778
.thestar.com/	1970-01-20 01:37:12	Name: s_nr Value: 1644840778006-New
.thestar.com/	1970-01-20 09:39:36	Name: s_nr2 Value: 1644840778007-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thestar.com/	1970-01-20 09:39:36	Name: _pin_unauth Value: dWlkPU9EWXlNakUwT0RZdE16bGlZaTAwTjJJNExUa3haRGt0WmpNd00yRmlabUUzTjJVdw
.doubleclick.net/	1970-01-20 00:54:04	Name: DSID Value: NO_DATA
www.thestar.com/	1970-01-20 01:37:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thestar.com/	1970-01-20 03:03:36	Name: _rdt_uuid Value: 1644840779103.5f077284-3365-431f-9326-2db37f258d03
.bing.com/	1970-01-20 10:15:36	Name: MUID Value: 19A88A69BFCC69543F1A9B22BE3D6877
.thestar.com/	1970-01-20 00:55:27	Name: _uetsid Value: 730cb2908d8f11ecade2d5ed16c864ac
.thestar.com/	1970-01-20 10:15:36	Name: _uetvid Value: 730d5d808d8f11ecbdc689bc6ad05a6b
.linkedin.com/	1970-01-20 01:37:12	Name: UserMatchHistory Value: AQLlYalYzWyC3AAAAX74Jncq7nwneEnRulRB3KHj_OP7-rzJWFWyW5KivlsD2BVMckbtuweOmaxMew
.linkedin.com/	1970-01-20 01:37:12	Name: AnalyticsSyncHistory Value: AQKM24kVxIJdtAAAAX74Jncq1vVA1TdlbX8myFRqG_EZPtm8HjukgKW35dw03OZLI5vls5kRTZ7Prl-PDKPSCQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:25:54	Name: bcookie Value: "v=2&68ac0259-333c-4888-8836-17e299e4058c"
.linkedin.com/	1970-01-20 00:55:27	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2536:u=1:x=1:i=1644840777:t=1644927177:v=2:sig=AQEiA6XY36GsHWSc9aQkzFSpB_pSEY-h"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=it-it
.www.linkedin.com/	1970-01-20 18:25:54	Name: bscookie Value: "v=1&20220214121257f7246f55-b37e-441f-8f9d-1ddb167ab45eAQFwMtAuWSyuM_uigFSUSsbXD9Ljobhv"
.linkedin.com/	1970-01-20 18:09:52	Name: li_gc Value: MTswOzE2NDQ4NDA3Nzc7MjswMjEyYCdxwzf4YNecgdXbGeaMukrIirC8JskGURpHJCbWXQ==
www.pinterest.it/	1970-01-20 09:32:24	Name: _pinterest_sess Value: TWc9PSZldkNUbnhYb3RjUElMZklJeWpoeVFqT212UXAxWHlWTUZhWHpRMTdVeU5GUWdUVWloY2ZmZ1hweVhEc1dkSTJ3NEJzMVo1aXlEQ0hTc2dQQ2hDUklkK0VBd09wNWRjbU1IL2I2M2FSMlJTQT0mbEljMzNCWmFWSGRVd0VHbGtoa2tqbE5aYnM0PQ==
.thestar.com/	1970-01-20 09:39:36	Name: _clck Value: 1a9i9qy\|1\|eyz\|0
.c.bing.com/	1970-01-20 10:15:36	Name: SRM_B Value: 19A88A69BFCC69543F1A9B22BE3D6877
.thestar.com/	1970-01-20 00:55:27	Name: _clsk Value: 7bjbdy\|1644840780111\|1\|0\|e.clarity.ms/collect
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:15:36	Name: MUID Value: 19A88A69BFCC69543F1A9B22BE3D6877
.c.clarity.ms/	1970-01-20 01:04:05	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 00:54:01	Name: ANONCHK Value: 0

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 122) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 122) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.18862804260652477(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-3d1a80cbbc4fdc4472eae80c14d918ad.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 140) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-3a8c03cc83fd9c554b5af6e1cc1ffa80.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.thestar.com/api/overlaydatarule/2021-q1-shop-low Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056(Line 40) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414117618908? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=414117618908?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-97d15a9add2b7d1d07db666abb328b3c' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
ad.doubleclick.net
adserver.pressboard.ca
adservice.google.com
adservice.google.it
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.permutive.com
api.rlcdn.com
api.thestar.com
as-sec.casalemedia.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
beijijngmedals.thecanadianpress.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.parsely.com
cdn.petametrics.com
cm.adform.net
cm.everesttech.net
connect.facebook.net
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
data.ontario.ca
dev.visualwebsiteoptimizer.com
dmx.districtm.io
dpm.demdex.net
e.clarity.ms
e377.thestar.com
elb.the-ozone-project.com
fastlane.rubiconproject.com
fd2a5b2262cba309acfae38228949d11.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.districtm.io
htlb.casalemedia.com
ib.adnxs.com
images.thestar.com
img.sportradar.com
js-sec.indexww.com
match.adsrvr.org
mb.moatads.com
misc.thestar.com
p1.parsely.com
pagead2.googlesyndication.com
platform.twitter.com
prebid.the-ozone-project.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
query.petametrics.com
resources.thestar.com
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sejs.moatads.com
snap.licdn.com
sr.studiostack.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
torontostar-d.openx.net
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
unpkg.com
uswidgets.fn.sportradar.com
vguamh182d.execute-api.us-east-1.amazonaws.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.pinterest.com
www.pinterest.it
www.redditstatic.com
www.thestar.com
z.moatads.com
ap.lijit.com
tpc.googlesyndication.com
104.16.190.66
104.244.42.197
104.244.42.67
108.157.4.15
108.157.4.44
108.174.10.14
142.250.185.98
142.250.74.194
142.250.74.198
143.204.98.71
15.236.176.210
151.101.1.140
151.101.12.157
151.139.128.11
158.101.192.149
172.217.16.130
18.64.115.117
18.66.107.43
18.66.109.174
18.66.242.12
18.66.242.164
18.66.245.59
18.66.248.123
18.66.248.66
18.66.248.94
185.33.220.241
2.21.141.169
2.21.141.232
2.21.143.57
20.62.48.180
23.0.33.234
2600:9000:224a:5c00:b:bed1:3e80:93a1
2602:803:c004:200::140
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:7aaf
2606:4700::6812:451
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:802::2001
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:400c:c01::9b
2a02:26f0:ef::5c7b:c25a
2a02:26f0:fb:5ad::1931
2a02:26f0:fb::5f64:9951
2a02:26f0:fb::5f64:9969
2a02:26f0:fb::5f64:996a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::396
3.33.220.150
34.107.254.252
34.120.133.55
34.241.151.12
34.252.133.182
34.96.102.137
35.190.14.224
35.241.9.51
35.244.159.8
37.157.2.234
37.252.172.38
40.91.78.9
50.16.19.147
51.104.28.77
52.139.4.139
52.210.75.127
52.28.203.152
54.144.144.142
54.154.165.122
54.194.29.203
54.237.17.91
65.9.78.92
0060d2dda7b23b9d68885f719c220efc1e787a7c9dfb017bbefda9ac6a133175
00e0e64270b66cef6244e5a7463a649e24b93e8908f2600d8fd1c3c5055d27cc
01cffdff6aab482bfe1b1c63e467769336e0a4016146a581d091a05f9b70f3a3
03430d731a51f0135c19e0f0a3ebd0eb9735e582be8521eabb50c8636025ea53
034d8b0ad6be06a2b0ab91b83f2877e18239f340112417e4729689728f790b7e
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
09462845220b3bb7780eee9a9e11a3b74563b18ab5c4760e279dfedb3f0e70b8
098a107590aad1c9f618a55473c9044a9747ea3576db475ba4954fa22a754a90
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0a2fc84e8dedb434e4de04443303d74daed3bb479303f76f73ff8eb28ff30b18
0aadccef70dba22774bb34d89d8bb78dcf357c2876983813122b75edd60be756
0aade1454de72aaab14b0ce231e3be92dffd5fe6ff7c1d97498612a0c377edd8
0bf24129fdecdf539558d4dc948b494614fdf8647f43231d33d88598ee5299f9
0c955580b5c4979d7f769e766cea4d9b70d5d62c7e2f2d2fb566cf7e31a784e6
0d32d26418f0a4cab9453fc8f9ae4350845b201ef329fe69aac4840544f9c213
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1251f8afa6eda7bbc51b2d073ac8cd4acc99a938b595aaf41d97068e6672d261
129f20562669ea1f821116733d7575bd3889de52ccccc98517064605b722458e
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
143931a05844543ad39fb3df7fbfc9c8411b32fd5bfd1b00f29fe80ff3202c6c
15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a
182fb2b790fe5834246d223be4978a2e56d480b6d2226cb1df834519086205d8
1831b0f5a624f145d4e73d1c77e20bf9a28507ddd45ee72ff863f9b6b811f424
183f26ea4fe2c343ae6766e1ccd356a64e75847ee95e3446da0aa2ba634f30c1
18ed9d8d422203c7a87e2e75898e778588f2c8a923164f15f78a8b9390679e4a
1be4cf0c02a6b1a191f4ee5a059710295dc90697457419e218c8f89f7108dbd0
1c20718b1c0169fd62a400dad810f15e4e064ed3129356cdc8ac21c0b6c96ccd
205802e728ee2e6fc99329d166ba57cd8dd67e3462a352f8e27a15905790b3d6
2112cfbb6291860ee6e89397c0517a9b8c73ffd9d81ac4c108385d08fe162707
2340dce2ad3d048afe7a502a27b037d87a8ed9a15975a214a4331e2c9b1a8e5e
24a77a91e337c0dc7e0a9bfa1e00fc73060a2cd005e3f49b5d88914d160e76a1
2663514a298880242dd66949e5b2455c7e18636ed98bc8939850a8a9dded2c33
27923298ebe479ae1485e71ad8ba493d087075c737c54844b6863bfc932dd5a1
27aff93119159623e908cc6e5dba2590ac1f35ff51493af0379b09fa355309f8
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f1261f9acdac5e80403307d2573cd5812f128c975a15da8593d9bfd92d33ef
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
290e60f247d195c19d505e85d5577c7a65e5979661cf8ab253922b52f4973fa1
2a0bd02b3e9a627b15dc5d04c265c55e63b98c1f8a6b919967502d2e2b1afc75
2a7f2dd0765d4a3be21d3655f8f19637e2f2e03e4d69d05963ec6dabd6df6040
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2de1673186c399634f6f6abf9ca0922a014401cffe1ff71021e955475ab3d36a
2de6473d69f798719521bb28e561ccabef6165eb953945629cc61980d1084827
2e409d4ca17a4094a0fe278c987a6bcfd3fbcd2e69d6beabbfbaaf8d09460b76
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
33588a91c0a35528645dc3f8117443e5c00c70bba1de6ac0132818e1cd6f7ef7
335e965a01427602557c0e4e0407bb012cbebab68012fb57488c62df20eaee91
33d1f21929633391e41530553d5646fd40fe5200715888dc55da7890901995cb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
369ee86f98ea5be70470d5846d73b7d2d5f2eca5bcf6c169b260572277c90a15
36d3e260da6c89e8893b03fb5a516d088cb46a136c094fdc5bda05ef2d3cec6f
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
37aca04722332249aff198c2e1eb824ef37451464af75f554b0177d77a799ad1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37f354767d903f5778c18c65bbaede1a266f953431a6e821803656cd516bfe62
3817de7ee89900b5db3dc77bec5e75b9d44feea7ab19e7d409092da3c09eb870
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
38272e882bffaf7fa3bd922044357d53f379420204b9721339bb4e53667d79ee
39ca7166596486e4d67c242d70fb6a1d95d2ee9462ea02026d38c882ae752177
3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f
3ea558b901b3ec4da6aa20dc9d6d7a9b3c3d26f709218e1421fdf93da7566bf1
3eb840c90fa2b960a984d3b06f9d59d1b601410b83780df6e2629877dad79767
40c92675c2b862eeee265e144b1524ed422d61e75eacfd5197465c72f7dacb55
40eed9f30c5cf0d5e3e051f8bc376a13f6025f628ad9795d8177c96ccb14cfdd
41ff31cc2d4480d58bc5c85ee17c1b78392f83825250e87fb9ed40d886e374ff
42c457ab4b8f706eada7d0be612217d67304abe5b6e0746f65c39002493b3ce9
42cd8c5ed1ca7f5cff47d76c775c6318006c699450095dcad331a8f6073e5bab
43e97e5d45f33c232bdf7848baac24ce64370ce733ad8642a3827e629a853af5
44218166f78adbc856eeeb93787eabb29f78160232ab88ea59e45dd2bb5831ce
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
45635837d1de2c73c876b53799af6bbf75b76be719735d854b45739a7b711697
4732c25586a397ce39e3d031693be639c13420460a55af067a618f7d4f557d0d
4852fe502fe0076f7731ebfcde29d34f98891893cb917a0ee95d7ca83bb7139a
48c2e09fd6c9a2479c5250705a3af4b13dec0c89e94152aed7fd24c59ffb77d9
494874a05c407cfb2315f6aa8fc056e62fb7d5b6d8cde0761bbbb4ad477c9fbb
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50063c382b074e0b9fb907b397615cdc7843212f71e01e11442af7c5e1786b42
501db17c4702013db299f94dd0bb8684f382ab667d5e62f29298d7cf8655ee79
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
515239a85055e3ce255def75ee13d72d166e04154099ac2d8e61dec9417850ab
521e24807293eb4e4b0763969517f0c36ee2754403187190a5f05c7f6ae279b6
52cac1193a3683e35353723a38e01a9bcc0c5f9bf2be42d29c96905527c7923d
53e47f0803e3983ae0b26db5f39e87c0bfd327981749c02c9e2f955341e34d7b
542371cadac2900fe706a2cb72ef579531e1fd5c4035dce4da345ddaadcbe05f
5452575314e1670666677df12b99c0b0b0f86fdd6a076e1bdf374e59f36a75c1
549fdc6034c005c4d1b62bf971f89636c6032d5e386a089980f06058028a4178
54ee7034cc8f34ae8821b8d9d8e710a6d415dddaabba76daeec0eb8757cd32ca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
57d59994d40bdfa1c636d5066c937f11bd7142e0a313e4cd5d7ba0834a388e0e
5945831480135fa4744e0a3fdc32531b0ce3779526092392138a8e7fdd91aee8
59e0b0f64a00b0ca5cf185408429fb5bb00bc10a6b283e40ed957a83a589baa5
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5cb58980d85cf281723d540bba89bab8667e9929132da9cf516b39cbf6afb4c1
5d1be642ce02df3eed902b78843e8a99f383bcccddbf4e0b097672d2c018a145
5ea1e242279067e3e88564e4ef131143c58e7ec36929e73b31f8c94b990455a4
5f4db5659caa6188fbf8fa4d789652351c6b4e115aceed4d97b560e918c53fb3
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63fce060ca5565cee7bafc88f8df55765a3504c8d07ff7b69ae4c26861f86f2e
668e63028ea3fcd991fdc6ba68efe5684dcd3762cdcf355ee8f502ee75f8318a
6725f37b7e0989851d8c7f342db0bce8e208703d97c772a408dcd61ae3b822c9
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6da5dd3b777c8f89f95d3a55c05e7aa16894cb81bf34be13becf45494effbe9c
6fb45af203288313f50cecb966712a184c35df4ef86785230c38d8c3eee731d7
73cb733aad8948c06e0825fe9456eb162f7af568f7ec1b62dbddd161c3051243
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
764cb0379bb5cba7cbb9c93f087311ad085eba193b7f7c87e830bc36ff93cd16
77048583b7630fa477d6db1c85361b74455783f74bd787c2640ff667f5d78980
77bb588db394ac21068f852ad2e4447e50817fec8c8ce791d827f37847fb0504
77cd5b400b171e38d18c72be8020c15fe977ef4c59e73b1fa797d45dfc8fa8ee
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
794f815439957a99ba5c28299d021fcc1b062b687ab8306ece58727baa2f147c
7b1a69ec03a22130641a6565cdf14b66d4c650884663e55f16643ed1d70999dc
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7df2ab0e05822016b88243baf75d0cb2bee05eba7d693ef0e8df9ecbb7fd29ec
7eac7ce60faa71d442d8a51ce4a4cbfeda92c6f7b934d730a4171676fc0de8dd
7edbcc3b82301c6e1c94465ceeb5b7c17272fcb45a88bfb8af03de7298b57098
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
8427bc5f38727831b33ee14188e5b1d4a95185b5c0eeae85d4fcc77c5ec3dc29
8475d35545e912302704e862b7dbec5fceb6da0c085b7646eaf96b7e24902d00
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
856102e0cd1426debe5b8f051ff6a82b25e90f28689395c9630f0afc73c89fa7
85b7f2e7d8a366f66cd258cc0eadbd3788d36f638b75cf5d9a4360337ae0aaa7
86edd1bd7bd5f3251da12cd3c5b391deb666745d36daf364bfaf0a5aa5d59bc5
875df698fd711a6df4b52ff39287d1adc45965715ac4c9acd1865c9861a30468
881dd5e8b6ec07fe96ae408b5f83ad87578ac43f3ef743c2419cefd6fb232edd
897727e6dcdbc2eaa7547078b9ab387ce0c4d5d1bdaa3f42982133adbbbc4e2b
8aba6298f908385d09365b50082b23e201444c0e2d5a42d82bf98c25c1460be8
8ad5ec5f2dac1e32af44cebc381fec69bba9053933a66c19497358843a6d2eff
8bacb685be7cec7f41a0270e694fa90c0fb448b2c0ded5f1734baf51050d695c
8bf27f834574caa37171638f4821f385123452f66df62b3965a9cc6ad4280037
8bf9a314c9e16671392d7a048ef850647d644218835cd6be9dd0d24ff3265e5b
8c437f676063e9ab67a382ebb571f0c348ff9e91d6528a15813d8905b5ff3c25
8d6f66493a7fc78db53ef589b2c9a8fe8dc33266b1bad0f99a51f852c84b39b5
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
8fa66162f2b74aaf28143e8bb208bd2d6a0ac382bdf6673bfd1060a55c3a827d
925dc37d53806eb1b265cad0eada8d5bcd6413b1c2928c892fc34d9837e4113c
93960021d02c08d1233877ce47dfb27a15d76c7c5ba482a716735ec46293ff9d
9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933
94cfaac981ccf7963e55f283105d631a56210fe50af228fcffc63a5db2143114
95344dfde60f4020ff7047369f479d442e47843d1e4933598409d2a09d57b04e
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b4fd2bac023c59fa666614872a2a06a413659ca1b03eb71c3ad32298b2366dd
9c4c935ecfc59904ac85c8316d4234cbb505e9ae3226b99836d1efeb20382e61
9dd087c597ced16e26d0066514401672dc38967008ea37155200092af7a9f56e
9e150724e787fc57db27606b4a4eedf0947739a1c80c2157340cf28716e753f3
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a0537c11b003a1decb75be22d0d6cc543c48e9c88466b4e35b06b5eaece163e5
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b9d144338ed4ee9b0f0333b037b7dbadda35472e25558b49cebdcabd15b016
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a466fbd0476a9bb39abea5fc422574dcda89fc7dc2b678943413958b9a3c8e33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5618047670c6184dfbe77ce3fa91a821fb21538c6afb465f4756fb91cdef636
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77b14fa718d5e2296ca2fa7007a8e8f52dfb07633f607181451eab75e631b3f
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a8ad803f7ba4e78ac76c298f68e69d88ae2ed4d389f9bd6082aaa63e3948828f
aad75ee023ab7b0c9cac9a7049815dd801a93abb524c332e470e7d5b7a8f2d30
ab199625a90b8111a0ae408ef6b43ae28dd55ad6d2fa2524666c169b5b1262bc
ab393638335535822529288f9a68ecc846dc68900740c1f1af25220e9cb5c5cc
ac1d08f943da892e3743a62323793f3d059124aed49176b3af77717a17ed580d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
acf47ed08e03deb30050e6cc80f2972698f083352e87deda1ef3f3b1bef79e1a
adcc2125258eb603a3921db0ff5293df0ce1f3e87906f1278cbb9ce6f155fc59
aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a
aee034d31571969a8134d9e6afd5cfca4ee3a95a3111326f9170be403a66b3f6
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26bbc0b1784322ee18f51bfebab8d20823c77eeb37d50ac9eecf804dc7146ac
b2f37ee269c9d050326eb74906dbe3d57fa541cdf086ec86ee4235c14b58cbec
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b4139a4dd4b9334e7c3bb6beb9be0ddb893d665373cec1b8893f0d1f378c1e17
b678737a3c8d2d27716eefcf617c29bb779547ea3a18447e940976e2bbee5284
b75b938326ba99ef43c51f37a07b18c8c6b5699594cf87f3e770901481f5dbe9
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b8e8734d09cbff47f0afe26e91200cd19071e79647f718cd7b5c2ba16a13ebf7
b92b0ea2dd438aa91ee8e4abeca6e7edcb9860a63a69c02f6ecd6b0effa01a88
b9b392e587ae017404e8c563131cf72e306fe94c2e1ad9cd077dc43e4c1bc84c
bb6bbbbf98647b93b389dcdb48c5ac50a09f147a53c97ac07af2275db78b2f7c
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc92db10eb34954ec128d6db4e88bced94f3579131eddc361bfd60b329619769
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
c779b0c005c1e60a18df6713cbdf3fedf2562a4306630e41d29a91033dbeaaf9
c8f14842bf6b55eed43d7188fc849f03f6bd0a2c2285587b4fc3ed9c3671b2bc
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
c9b5142fa6dad2f5c2c029ee99cff04de2abe2d846c95b3b457406008d69efc4
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cd0fdc1ce17de8870ab1025bdd0751ad0d4632bf7dddb4f09618587e6d1890b4
ce11d1dfc55e242dd2bbcf9fa94c5d809f050282ac7c62bb9f34126cf1f5b0e1
ce645f5d54866ed5cf909b236e041b7e9326b7cdb71e8e507fe5fa79172c5ddf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc07da9f01386f868f0b0baa0339bfcdcd1432fe97428b5285767cc93f932d4
d217301d1beca280818807958c12328fb84bdbb1bc7c23702276124c00a4bd9e
d48b0a2ab9c3acf2723de7777155c2b5a7e085194680eb43fc4fb2a708b847c0
d4bc81be1c520b6abe69a2cfefff36368e2aee55e84ab17ce69affe094887d0e
d56d3e71b2453fa9b46b097ce633355e153b3b205e5d779d8c4bdb6c4458687b
d71cd26a8d15e08c1bbf30862aea8c3f7b66db1ec5ca08c67d7ff1e03b4ad4eb
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dacca56404974a8e6f565494f8a558e553c31edde62d8559cf75e7f0945f4cf5
dbb5e16606785dc1b8fce16626f44890556c33bc9999b7e9550f75b22a1fd190
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5be5e24c2d64db9fdd8a0f48e6d9ce6f792bf62e4e2baaf8e8449acc7c367a
deda314c90a4d526810b243c21f4ffead204494dd210f555c6e0fdc4a079fa50
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e23a6776aa183e28089211911a9921af2d71eff25b3bb156c108eeaddbcbcad9
e39d8e3236bd8c2790a2d7ae0aec00a007e5a0e3b48de7ad4b2f3e97d38a3bd7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca4ba239ed2d8c05925a84d13a62b52aa0abecccede81e4db5d583ba4d3539
e405c0d0ab8c71073b5d5f4bac965a420738c11b580602dd5bb76fcd7ca41c7a
e88d5f263945d9341d3180cdab77d99915a1ab21962fabc4312f9ed09a1a0448
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
eae24cd9a561f3b9f66bc4df3a84765c27a45c045856912831fc969cbef8a53f
eba233c164f038c5c6065889f84c84fd193325dd13b6fc734fe30ef4f34a8081
ec8de55b279f65ad4d49aff05ca8b9499ec486a16c87f9be7c43d978bbc465a0
eedabdd2b23f98813d6e180e614bfd6a42b38291996622b21c715259ebff0ba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb07fe7d68c976671a250c72a221417754b6fc8cd90a2451a8055e9a65d1a1d
efb866cceb689044f6c72be792a07af39f1dfbf4dfceca88654fdb54e472bbe1
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f19e5a983188eb634fbb84acd91f52675dd2bae3317fd395f3ddf3254ae83803
f1c7fdb6522522eef3c947243ffca58854dfbca9987adb0f49696a4a51cfd3a7
f5bdfd7b1558219347ede84962ab06b3bc3207d6385269c08d011f587966d529
f9b9e6446d7f175e8589db2fa6d8b787cbfd392331d58b7ec88f32a89c97f75d
fa4583152c3fb7bcf1cf2322b1a3d0d9181b52e8fcd2dea4700a790199654b06
fc8ca38053185a62da400a7d81fca39035b7f35202a2b571f1498d553c1b8d98
fd4a1d87325988ec25bbb18edafdc917d41e1c97d906167d9c675b6a639c50fc
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.thestar.com Open in urlscan Pro 143.204.98.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

329 Requests

95 %HTTPS

36 %IPv6

59 Domains

94 Subdomains

81 IPs

9 Countries

5800 kBTransfer

18868 kBSize

80 Cookies

17 Outgoing links

Page URL History

Redirected requests

329 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
143.204.98.71 Public Scan

Screenshot
Live screenshot

Full Image

329
Requests

95 %
HTTPS

36 %
IPv6

59
Domains

94
Subdomains

81
IPs

9
Countries

5800 kB
Transfer

18868 kB
Size

80
Cookies

329 HTTP transactions
1 data transactions