www.thestar.com Open in urlscan Pro
13.226.145.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On September 01 via api (September 1st 2020, 7:15:01 pm UTC) from US

Summary HTTP 180 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 57 IPs in 9 countries across 44 domains to perform 180 HTTP transactions. The main IP is 13.226.145.64, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.thestar.com.
TLS certificate: Issued by Trustwave Organization Validation SHA... on October 3rd 2018. Valid for: 2 years.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.206.150.106 192.206.150.106	10400 (THETORONT...) (THETORONTOSTAR)
1 33	13.226.145.64 13.226.145.64	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	95.100.197.246 95.100.197.246	16625 (AKAMAI-AS) (AKAMAI-AS)
8	13.226.145.123 13.226.145.123	16509 (AMAZON-02) (AMAZON-02)
1 3	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
5	13.224.193.35 13.224.193.35	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	3.10.67.84 3.10.67.84	16509 (AMAZON-02) (AMAZON-02)
1	143.204.101.34 143.204.101.34	16509 (AMAZON-02) (AMAZON-02)
3	40.71.11.164 40.71.11.164	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	95.100.197.53 95.100.197.53	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.61 13.225.78.61	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.225.84.166 13.225.84.166	16509 (AMAZON-02) (AMAZON-02)
1	143.204.208.100 143.204.208.100	16509 (AMAZON-02) (AMAZON-02)
1	146.88.138.85 146.88.138.85	33438 (HIGHWINDS2) (HIGHWINDS2)
2	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	52.30.78.155 52.30.78.155	16509 (AMAZON-02) (AMAZON-02)
1	52.217.47.30 52.217.47.30	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:10c... 2a02:26f0:10c:48b::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
14	35.186.239.238 35.186.239.238	15169 (GOOGLE) (GOOGLE)
1	13.35.255.237 13.35.255.237	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	13.224.193.39 13.224.193.39	16509 (AMAZON-02) (AMAZON-02)
1	95.100.70.75 95.100.70.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.32.152.233 63.32.152.233	16509 (AMAZON-02) (AMAZON-02)
3	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
14	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
2	13.224.193.15 13.224.193.15	16509 (AMAZON-02) (AMAZON-02)
1	52.72.211.240 52.72.211.240	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.229.91.186 54.229.91.186	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
3	151.101.112.133 151.101.112.133	54113 (FASTLY) (FASTLY)
1 1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
1	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
8	35.190.25.50 35.190.25.50	15169 (GOOGLE) (GOOGLE)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
8	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1	3.220.111.220 3.220.111.220	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
180	57

1 192.206.150.106 (Burlington, Canada) 1 redirects

ASN10400 (THETORONTOSTAR, CA)

thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 13.226.145.64 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-64.dus51.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.100.197.246 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-246.deploy.static.akamaitechnologies.com

sejs.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.226.145.123 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-123.dus51.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.157 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.193.35 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-35.fra2.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.10.67.84 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-67-84.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-34.fra50.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.71.11.164 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.197.53 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-53.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

hb.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-61.fra2.r.cloudfront.net

d1v9u0bgi1uimx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.53.17 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.166 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-166.fra2.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.100 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-100.fra53.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.88.138.85 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.78.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.47.30 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.53.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:48b::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.186.239.238 (Mountain View, United States)

ASN15169 (GOOGLE, US)

p3.eyereturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
o2.eyereturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.eyereturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.255.237 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-237.fra6.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.193.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-39.fra2.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.70.75 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-70-75.deploy.static.akamaitechnologies.com

resources.eyereturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.152.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.190.14.224 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.15 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-15.fra2.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.211.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-211-240.compute-1.amazonaws.com

srv-2020-09-01-19.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.91.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.112.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.25.50 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 50.25.190.35.bc.googleusercontent.com

prometheus-ix.eyereturn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

torontostar-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.89 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

af480b5e882dba2da434d044020692d6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.111.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

emeter-nam.mppapi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	thestar.com 2 redirects thestar.com www.thestar.com images.thestar.com resources.thestar.com misc.thestar.com s.thestar.com api.thestar.com	2 MB
23	eyereturn.com p3.eyereturn.com resources.eyereturn.com o2.eyereturn.com cm.eyereturn.com prometheus-ix.eyereturn.com	22 KB
15	petametrics.com cdn.petametrics.com query.petametrics.com	64 KB
8	adnxs.com secure.adnxs.com	8 KB
6	googlesyndication.com af480b5e882dba2da434d044020692d6.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	12 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	99 KB
5	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	95 KB
4	rubiconproject.com fastlane.rubiconproject.com	9 KB
4	cloudfront.net d5phz18u4wuww.cloudfront.net d1v9u0bgi1uimx.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	77 KB
4	moatads.com sejs.moatads.com mb.moatads.com px.moatads.com z.moatads.com	95 KB
3	openx.net 1 redirects torontostar-d.openx.net eu-u.openx.net	1 KB
3	githubusercontent.com raw.githubusercontent.com	150 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	demdex.net dpm.demdex.net torontostarnewspaperslimited.demdex.net	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	1 KB
2	facebook.com www.facebook.com	477 B
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	800 B
2	studiostack.com sr.studiostack.com	9 KB
2	parsely.com cdn.parsely.com srv-2020-09-01-19.pixel.parsely.com	23 KB
2	bing.com bat.bing.com	8 KB
2	facebook.net connect.facebook.net	166 KB
2	t.co t.co	595 B
2	gstatic.com fonts.gstatic.com	114 KB
2	districtm.io hb.districtm.io dmx.districtm.io	618 B
2	ads-twitter.com static.ads-twitter.com	4 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	mppapi.io emeter-nam.mppapi.io	212 B
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	adsrvr.org match.adsrvr.org	543 B
1	rlcdn.com api.rlcdn.com	328 B
1	reddit.com alb.reddit.com	213 B
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	googletagservices.com www.googletagservices.com	18 KB
1	licdn.com snap.licdn.com	2 KB
1	redditstatic.com www.redditstatic.com	6 KB
1	amazonaws.com s3.amazonaws.com	386 B
1	indexww.com js-sec.indexww.com	37 KB
1	pressboard.ca adserver.pressboard.ca	959 B
1	googletagmanager.com www.googletagmanager.com	51 KB
180	44

	Domain	Requested by
33	www.thestar.com	1 redirects www.thestar.com
14	query.petametrics.com	www.thestar.com
8	secure.adnxs.com	js-sec.indexww.com
8	prometheus-ix.eyereturn.com	js-sec.indexww.com
8	p3.eyereturn.com	www.thestar.com
8	images.thestar.com	www.thestar.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
5	resources.thestar.com	www.thestar.com resources.thestar.com
4	fastlane.rubiconproject.com	js-sec.indexww.com
4	cm.eyereturn.com	www.thestar.com o2.eyereturn.com resources.thestar.com
4	misc.thestar.com	www.thestar.com misc.thestar.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	raw.githubusercontent.com	misc.thestar.com
3	s.thestar.com	resources.thestar.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
2	www.facebook.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	torontostar-d.openx.net	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	o2.eyereturn.com	resources.eyereturn.com o2.eyereturn.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	api.thestar.com	www.thestar.com
2	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
2	px.ads.linkedin.com	1 redirects www.thestar.com
2	bat.bing.com	www.googletagmanager.com www.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	analytics.twitter.com	platform.twitter.com static.ads-twitter.com
2	connect.facebook.net	www.thestar.com connect.facebook.net
2	t.co	www.thestar.com
2	fonts.gstatic.com	fonts.googleapis.com
2	static.ads-twitter.com	www.thestar.com www.googletagmanager.com
2	fonts.googleapis.com	www.thestar.com misc.thestar.com
1	emeter-nam.mppapi.io	www.thestar.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	af480b5e882dba2da434d044020692d6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	eu-u.openx.net	js-sec.indexww.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	dmx.districtm.io	js-sec.indexww.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.thestar.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	srv-2020-09-01-19.pixel.parsely.com	www.thestar.com
1	alb.reddit.com	www.thestar.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	resources.eyereturn.com	www.thestar.com
1	www.googletagservices.com	www.thestar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	snap.licdn.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	s3.amazonaws.com	resources.thestar.com
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	d1v9u0bgi1uimx.cloudfront.net	www.thestar.com
1	z.moatads.com	www.thestar.com
1	hb.districtm.io	www.thestar.com
1	js-sec.indexww.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	px.moatads.com	www.thestar.com
1	mb.moatads.com	sejs.moatads.com
1	www.googletagmanager.com	www.thestar.com
1	platform.twitter.com	1 redirects
1	sejs.moatads.com	www.thestar.com
1	thestar.com	1 redirects
180	72

This site contains links to these domains. Also see Links.

Domain
torontostar.pressreader.com
diversions.thestar.com
www.homefinder.ca
www.insurancehotline.com
www.canadastays.com
toriservices.newscyclecloud.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2018-10-03` - `2020-10-19`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2020-01-17` - `2021-03-17`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-02-18` - `2021-02-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
cdn.petametrics.com Let's Encrypt Authority X3	`2020-07-13` - `2020-10-11`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
www.redditstatic.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.eyereturn.com Go Daddy Secure Certificate Authority - G2	`2018-11-07` - `2020-11-20`	2 years	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2019-11-06` - `2021-01-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
s.thestar.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.liftigniter.com Let's Encrypt Authority X3	`2020-07-29` - `2020-10-27`	3 months	crt.sh
*.pixel.parsely.com Let's Encrypt Authority X3	`2020-07-30` - `2020-10-28`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-24` - `2021-05-07`	8 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.mppapi.io Sectigo RSA Organization Validation Secure Server CA	`2020-07-08` - `2022-07-08`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: 946552844EEEFCCB8A5BDE3BEDF6F708
Requests: 159 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Frame ID: D12A63749C809134CA4D2723128B9AB0
Requests: 9 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 995A67320EADCBE7E87D2C7E8C509E86
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=b846aece-0593-4d62-982b-779a22b235ef&gdpr=1
Frame ID: D63E47F7442BBA62256FAF119C517189
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: AA89D34BEB4B81AC90938A2BAA6E69A3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

180
Requests

100 %
HTTPS

26 %
IPv6

44
Domains

72
Subdomains

57
IPs

9
Countries

2683 kB
Transfer

9602 kB
Size

14
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://torontostar.pressreader.com/
Title: Today’s paper

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.insurancehotline.com/
Title: Insurance Hotline

Search URL Search Domain Scan URL

URL: https://www.canadastays.com/
Title: CanadaStays

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/join
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 62

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1598987683190&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1598987683190&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=&cs_ak_ss=1

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&time=1598987683217 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26time%3D1598987683217%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&time=1598987683217&liSync=true

Request Chain 80

https://cm.everesttech.net/cm/dd?d_uuid=17894407603682857054251303885942488178 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X06dpAAABNFN8y3-

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=eyereturn_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eyereturn_dmp&google_cm=&google_tc= HTTP 302
https://cm.eyereturn.com/ggl-dmp/?id=&google_gid=CAESEIA1YbggWZGC5wjZhyWGkYY&google_cver=1

Request Chain 133

https://torontostar-d.openx.net/w/1.0/arj?auid=540273841%2C540273844%2C540273842%2C540273838&aus=728x90%2C970x250%7C728x90%2C970x250%7C300x250%7C300x250%2C300x600&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._YaOcZZzC&cache=1598987685393&ttduuid=cd0fd416-4099-4bd6-b9fa-e46e30fddd8e HTTP 302
https://torontostar-d.openx.net/w/1.0/arj?cc=1&auid=540273841%2C540273844%2C540273842%2C540273838&aus=728x90%2C970x250%7C728x90%2C970x250%7C300x250%7C300x250%2C300x600&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._YaOcZZzC&cache=1598987685393&ttduuid=cd0fd416-4099-4bd6-b9fa-e46e30fddd8e

180 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

https://thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

381 KB
76 KB

158ms
157ms

Document
text/html

13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

98455934487df28a62d9947aa6f4e2214bc96accfbb88a28aa2e397b9434b507

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.thestar.com
:scheme: https
:path: /?redirect=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: selectedCity=thestar
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180 no-cache="set-cookie"
content-encoding: gzip
date: Tue, 01 Sep 2020 19:12:57 GMT
etag: W/"5f477-L7ekY5pqkIswors1LH0li5OS93M-gzip"
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: NuGfQdGwB5v21gVq5HGXuJ_ppF50UEDGzmDAdHX0XP3wmGbrQ4bovg==
age: 104

Redirect headers

status: 302
content-length: 0
location: https://www.thestar.com/?redirect=true
server: CloudFront
date: Tue, 01 Sep 2020 19:14:41 GMT
set-cookie: selectedCity=thestar; Path=/; Expires=Wed, 01 Sep 2021 19:14:41 GMT
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 9TY-WfkTrFgWBSRi20S4RFwaIGl7gV7zr56rnTHWiXpALZwivK65jw==

GET
H2 200 icon
fonts.googleapis.com/ 574 B
465 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 19:14:41 GMT
server: ESF
date: Tue, 01 Sep 2020 19:14:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Sep 2020 19:14:41 GMT

GET
H2 200 0.css
www.thestar.com/static/ 12 KB
3 KB 156ms
155ms Stylesheet
text/css 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/0.css?v=696222734adcd90c8aed

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

79a85dff191a649a1406d7bd4207028eb32bda0f280e4f1983bf9de41dbaa92b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:10:12 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 269
x-cache: Hit from cloudfront
status: 200
content-length: 2136
access-control-allow-origin: https://amp.thestar.com
last-modified: Mon, 31 Aug 2020 18:42:59 GMT
server: Apache
etag: W/"2f5f-17445d45d36-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=300, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 7PFdIqfAfXDrKeW79GENitG9QP2yaBZSmTAyJ4ene3o-_-N-l3OKDA==

GET
H2 200 bundle.css
www.thestar.com/static/ 2 MB
125 KB 323ms
322ms Stylesheet
text/css 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a47585e824e064080ed966d1b35744a6cd1e8b965c89de402528bc14adb55011

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:41 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: https://amp.thestar.com
last-modified: Mon, 31 Aug 2020 19:00:57 GMT
server: Apache
etag: W/"20fc61-17445e4cf0e-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=300, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: Uqj1YkiwBqMY42BeRsZBqryf3xkTPsd0-Jy4fkL_RQdmBbPAsGMBJw==

GET
H2 200 25.css
www.thestar.com/static/ 5 KB
1 KB 155ms
155ms Stylesheet
text/css 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/25.css?v=1414321e524807370b99

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a33a0675bba4907770c1cd92acab77ac90764e8c698a63200c974af07cbb8259

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 19:25:40 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 85741
x-cache: Hit from cloudfront
status: 200
content-length: 709
access-control-allow-origin: https://amp.thestar.com
last-modified: Mon, 31 Aug 2020 18:42:59 GMT
server: Apache
etag: W/"1309-17445d45d3a-gzip"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=300, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: dVNWLZtQ3cXGHFK4qIwqxu4aEhKCcSnyXV9YlZ0-DvypWpEn46aGgA==

GET
H/1.1 200
OK yi.js Show response
sejs.moatads.com/torontoprebidheader623296055317/ 95 KB
36 KB 125ms
52ms Script
application/x-javascript 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: db8b6f78d1ac8abe5f58916b21eb3b9a2574a20054b8849071edf99608469e3c

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:42 GMT
Content-Encoding: gzip
Server: AmazonS3
x-amz-request-id: 3EF3152F2D6370FF
ETag: "653409160190eedc16b8edd71280c464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=23234
Connection: keep-alive
Content-Length: 36925
x-amz-id-2: V8F0irbwlOpm11akKZzbnH9/arLcUEPTXxgafcmCnJ3DZc3ZUAm0DPot6JVAorepTKiwXuD2zKI=

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
457 B 119ms
119ms Script
application/javascript 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:00:20 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 11661
x-cache: Hit from cloudfront
status: 200
content-length: 22
last-modified: Mon, 31 Aug 2020 18:43:07 GMT
server: Apache
etag: W/"16-17445d47b19"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: -KgT_Xqes-lo0uglSJt7-TbyjuOhBMOT9TGeWZscZcXQJwpdMGHw_Q==

GET
H2 200 loading-spinner.svg
www.thestar.com/assets/img/ 3 KB
4 KB 123ms
123ms Image
image/svg+xml 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/loading-spinner.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:19:35 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 10507
x-cache: Hit from cloudfront
status: 200
content-length: 3412
last-modified: Mon, 31 Aug 2020 18:43:07 GMT
server: Apache
etag: W/"d54-17445d47aed"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: vo51yuJnQAjRwTp_rYaxAMc8gfQ3cQ99qOprIv4zv4N7Pj7YPLgAKw==

GET
H2 200 logo-thestar.svg
www.thestar.com/assets/svg/ 2 KB
2 KB 117ms
117ms Image
image/svg+xml 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

e04bcc5dba6b1111f97104574d0074b53b649b0eb815ce17548af5180c20b279

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 17:04:45 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 7797
x-cache: Hit from cloudfront
status: 200
content-length: 1854
last-modified: Mon, 31 Aug 2020 18:43:07 GMT
server: Apache
etag: W/"73e-17445d47b4d"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Otzs_SBmxOHh0MBBP82ERy3NRdGx-YizmESxvO_4-K-0IoYISaWi_g==

GET
H2 200 Cohn_Martin_Regg_logo_2015.JPG
images.thestar.com/AA2-IEz94ZhvQTcEsf57WeWkYgM=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 388ms
137ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/AA2-IEz94ZhvQTcEsf57WeWkYgM=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Cohn_Martin_Regg_logo_2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5c04dfc7f668ad410b61e26c92b799114093db101c23e4fe41dcf16e4ab1c588

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 12:02:30 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 198732
etag: "be0c24c2cba10843f448b51296366f13a6ff0c30"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-length: 2695
x-amz-cf-id: VTUnz8TTuH1M2qjUqengrcBt3TBh22Gd2kE6iQUCYsZ1b-NkQ7vt2Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Mallick_Heather_logo2015.JPG
images.thestar.com/hPM5Gu4-ZPEH14X3PYctojLwz-Q=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/ 3 KB
3 KB 169ms
122ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/hPM5Gu4-ZPEH14X3PYctojLwz-Q=/100x100/smart/https://www.thestar.com/content/dam/thestar/columnist_logos/Mallick_Heather_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 66420283f03f88e268b56199478822906f80c70a46e679d5c1bc0f761b5f038e

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 11 Apr 2020 09:53:59 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 12388843
etag: "fc044eaa3723ac9210eeb8ba2feb0363f3aac628"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-length: 2810
x-amz-cf-id: emxtM_T0Uz82EY_gY5XoVoHj_rCGaTpq1ciShFoqZqu7iLXbGT_hBQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wsjlogo-black.svg
www.thestar.com/content/dam/thestar/static_images/wsj/ 6 KB
6 KB 308ms
304ms Image
image/svg+xml 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestar.com/content/dam/thestar/static_images/wsj/wsjlogo-black.svg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-64.dus51.r.cloudfront.net
Software: Apache/2.2.34 (Amazon) /
Resource Hash: 41ab17884b85615b28665ca7c61f8030f0016b6f4119e24e8704fa4980ea0ef9

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jun 2018 18:26:37 GMT
server: Apache/2.2.34 (Amazon)
x-amz-cf-pop: DUS51-C1
etag: "112b3588-17b7-56e61e3dff898"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=900, private, must-revalidate
accept-ranges: bytes
content-length: 6071
x-amz-cf-id: dWhFgcm4PFJIzXxdfNUAwC6pZA5om5zvWTNZ10W2ka1Dwsr2gtqw2Q==
expires: Tue, 01 Sep 2020 19:29:42 GMT

GET
H2 200 brandmark-thestar.svg
www.thestar.com/assets/svg/ 263 B
683 B 128ms
124ms Image
image/svg+xml 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/brandmark-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

d46ed64f5306f60810a0bb3fda0b6c9cfdb553878abc7bf68320ca1309f2a73f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 15:48:15 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 12387
x-cache: Hit from cloudfront
status: 200
content-length: 263
last-modified: Mon, 31 Aug 2020 19:01:06 GMT
server: Apache
etag: W/"107-17445e4f17e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: AnIOykflKgrssTB8ghWfALaMIbRNeHfyCwYDyMtUtOFiFo1XoNP_1w==

GET
H2 200 app-store.svg
www.thestar.com/assets/svg/ 8 KB
8 KB 129ms
125ms Image
image/svg+xml 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/app-store.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 15:49:45 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 12297
x-cache: Hit from cloudfront
status: 200
content-length: 7779
last-modified: Mon, 31 Aug 2020 18:43:07 GMT
server: Apache
etag: W/"1e63-17445d47b49"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: J4BWKJCmgG17z7vevpa6zUX4W3tGP8QusrMSdF5o5B2eLZziEQD57Q==

GET
H2 200 google-play.svg
www.thestar.com/assets/svg/ 10 KB
11 KB 128ms
124ms Image
image/svg+xml 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/google-play.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:20:11 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 10471
x-cache: Hit from cloudfront
status: 200
content-length: 10329
last-modified: Mon, 31 Aug 2020 19:01:06 GMT
server: Apache
etag: W/"2859-17445e4f17e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: H8A8FbsW_6UZQEfOirzUxYzQTC4WyFi2GoxpSXg77jEJOQ5ahER6wQ==

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

5 KB
2 KB

98ms
34ms

Script
application/javascript

151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:41 GMT
content-encoding: gzip
age: 78148
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1598987682.891299,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

Redirect headers

date: Tue, 01 Sep 2020 19:14:41 GMT
status: 301
vary
x-cache: HIT
location: https://static.ads-twitter.com/oct.js
retry-after: 0
accept-ranges: bytes
content-length: 0
tw-cdn: FT
x-served-by: cache-hhn4076-HHN

GET
H2 200 vendor.chunk.js Show response
www.thestar.com/static/ 1 MB
347 KB 316ms
312ms Script
application/javascript 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

40ec37e4cc819c782303c935a3eefcd7a555500d25960c99dfe236098eb93fee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: https://amp.thestar.com
last-modified: Mon, 31 Aug 2020 18:42:59 GMT
server: Apache
etag: W/"148f9a-17445d45d6a-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=300, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 02kGciMLwk3waW6YPLKGSWrR6U5o17OrQ8BscZrbAj3WAPD8sYKHow==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
226 KB 332ms
329ms Script
application/javascript 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=2fd58339

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

1da99f34955d61c70e7980406f1692f1a0f3c838b777fc6afafb060614998886

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: https://amp.thestar.com
last-modified: Mon, 31 Aug 2020 19:01:14 GMT
server: Apache
etag: W/"11b768-17445e5124b-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=300, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: 5GLbTk_0E7nn8502Oq5HXqwjR9umB77kp_3xEIyAN7OntmhIb45JZg==

GET
H2 200 components-Html5ForSections-Html5ForSections.chunk.js Show response
www.thestar.com/static/ 1 KB
1 KB 261ms
257ms Script
application/javascript 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/components-Html5ForSections-Html5ForSections.chunk.js?v=7b98775c

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

03469b64341c00b83579cc88a6ccb51601d87a2c7f5b68c5e4d5ee7e96d2f241

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 555
access-control-allow-origin: https://amp.thestar.com
last-modified: Mon, 31 Aug 2020 18:42:58 GMT
server: Apache
etag: W/"4da-17445d459dd-gzip"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control: max-age=300, no-cache="set-cookie"
accept-ranges: bytes
x-amz-cf-id: Vaok2xGwHcKrxtw8ApuYLWKDIbQfBzPCLPb9CpIoRx0gR413JurHLg==

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 391 KB
70 KB 113ms
38ms Script
text/javascript 13.224.193.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6857cc8e3a69db207d552a102377c7fed752998d141984b5f3c66de502b3b9fc

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: HGsIdC5AdMBzpD53HL1Aa_7bOTv0Lw06
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 15:12:07 GMT
server: AmazonS3
age: 68657
etag: "0f96b5360390bd2202cea3b850aca678"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
date: Tue, 01 Sep 2020 00:10:26 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Z69fdik6xKltpCFxr6TA6pYxcEjytYYo54CHuDxR289hG-hYmw2ltw==
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
51 KB 33ms
29ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbdd0b7da79a1b419214ebbbbfe3d228ba35974e4580376a47618e2966e71371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: br
vary: *
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51988
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 11 KB
3 KB 87ms
30ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.2694751539895417
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 38aca3bbb23de0021f23f452001fde8c0572aeb05d468a20e5a31f71482bfe4b

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: gzip
server: gfra1
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google
content-type: application/javascript; charset=UTF-8

GET
H2 200 yi.js Show response
mb.moatads.com/ 4 KB
4 KB 110ms
37ms Script
text/html 3.10.67.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi.js?ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=4007238046&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&qp=00000&is=&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=00&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&confidence=2&pcode=torontoprebidheader623296055317&callback=MoatNadoAllJsonpRequest_88266038
Requested by: Host: sejs.moatads.com
URL: https://sejs.moatads.com/torontoprebidheader623296055317/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.67.84 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-67-84.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 4c1707b36726345f0279a136d33a53bcc7b7fa2f13b5b2eb781ba04e594ee245

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
server: TornadoServer/4.5.3
etag: "652080516b7e35392c1d7114bd608a1f31ec6309"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 4011

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 115ms
41ms Image
image/gif 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1598987682254&de=769172811017&d=TORONTO_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=31f9dba90d-clean&iw=3d8f022&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=thestar.com&bd=thestar.com&ac=1&bq=11&f=0&na=1287403730&cs=0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 01 Sep 2020 19:14:42 GMT

GET
H3-Q050 200 track-3ef5a52a7627f1552dfad5913e44f018.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 11 KB
4 KB 59ms
29ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/track-3ef5a52a7627f1552dfad5913e44f018.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.2694751539895417
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 06de7a963eb7c647e35c59fac727265b316e112e298cd0d2318da314efdc6a3a

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: br
last-modified: Mon, 31 Aug 2020 11:31:24 GMT
server: gfra1
status: 200
etag: "5f4cdf8c-e12"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3602
via: 1.1 google

GET
H3-Q050 200 opa-a4111607dc5ce718c2993c75e25e5d78.js Show response
dev.visualwebsiteoptimizer.com/analysis/3.0/ 82 KB
21 KB 60ms
30ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.2694751539895417
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 9d1d20907ba83d3f3470e59e4304e94a093514d204330dde7afea7056c13febd

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: br
last-modified: Tue, 21 Jul 2020 12:27:40 GMT
server: gfra1
status: 200
etag: "5f16df3c-5558"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21848
via: 1.1 google

GET
H3-Q050 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
172 B 117ms
114ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=D16CF7779F46A2168913B0D7C4A25E3F8&h=f0e45d1c11be6bd0a385af680346c913&r=0.9228917294697871

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:42 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 99ms
31ms Script
text/javascript 143.204.101.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-34.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 01 Sep 2020 19:06:42 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
Age: 481
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: AAIWjuO4VT5H0RIHZuwG8sqt_H-VcUGn5KkDryJRw4I9w4VJMuJKZA==

GET
H3-Q050 200 vis_opt-3ef5a52a7627f1552dfad5913e44f018.js Show response
dev.visualwebsiteoptimizer.com/6.0/ 195 KB
57 KB 31ms
30ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/6.0/vis_opt-3ef5a52a7627f1552dfad5913e44f018.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 7a747152c49590700fc14ccd71408ea3b979333f791260762fc5b8a1d8fd8a77

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: br
last-modified: Mon, 31 Aug 2020 11:31:24 GMT
server: gfra1
status: 200
etag: "5f4cdf8c-e256"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57942
via: 1.1 google

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 357 B
959 B 627ms
141ms Script
application/x-javascript 40.71.11.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.164 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4f1dda5ec79ce75f376620c0b43607e3cd122b826130c455d96fada2f79298b4

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:42 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 395
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H/1.1 200
OK 181778-254412191205210.js Show response
js-sec.indexww.com/ht/p/ 131 KB
37 KB 796ms
720ms Script
text/javascript 95.100.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3005d413536a040c9b38dc7e7065ff922e85846b28ea78a4951927eb94cc1a6a

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 19:11:25 GMT
Server: Apache
ETag: "da1841-20c67-5ae45491107e5"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3577
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 37823
Expires: Tue, 01 Sep 2020 20:14:20 GMT

GET
H2 204 ron.torstar.js Show response
hb.districtm.io/prod/101918/ 0
410 B 71ms
24ms Script
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.districtm.io/prod/101918/ron.torstar.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 5cc150d8685aee07-CDG
access-control-allow-headers: Content-Type, Origin
cf-request-id: 04ecb0db3f0000ee0748a01200000001

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 115ms
39ms Script
application/x-javascript 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 31EA48740775C598
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=15272
accept-ranges: bytes
content-length: 54912
x-amz-id-2: 8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=

GET
H/1.1 200
OK sso_lite.js Show response
d1v9u0bgi1uimx.cloudfront.net/static/ 18 KB
19 KB 98ms
31ms Script
application/javascript 13.225.78.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1v9u0bgi1uimx.cloudfront.net/static/sso_lite.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.61 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-61.fra2.r.cloudfront.net

Software

Apache-Coyote/1.1 /

Resource Hash

43caeb3e87603abaebd386740be1d23028eece94cd2f7f3b8a66e09694e43a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 18:20:32 GMT
Via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 3251
X-Cache: Hit from cloudfront
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-SSO-Instance: SSO1-sso-3.5.0+216
Content-Length: 18635
Last-Modified: Tue, 16 Apr 2019 19:03:14 GMT
Server: Apache-Coyote/1.1
ETag: W/"18635-1555441394000"
Content-Type: application/javascript
EC2-instance-id: i-0e22458e8927ddc7c, i-0e22458e8927ddc7c
Cache-Control: public,max-age=3600
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: qHq7w70Ppq4yHI5TuU9CW-24PBYXfKse67fPXUKh9RzByP5GPOlZiQ==

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 130ms
130ms Image
image/svg+xml 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 17:35:45 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 5937
x-cache: Hit from cloudfront
status: 200
content-length: 703
last-modified: Mon, 31 Aug 2020 18:43:11 GMT
server: Apache
etag: W/"2bf-17445d48a5e"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: IHdfQzJVPwQaZDCWmthrzjLrw6bB7MFb1yNeVMnvWZOHUOgx5i_-Iw==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
53 KB 131ms
127ms Font
font/woff2 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 17:52:03 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 4959
x-cache: Hit from cloudfront
status: 200
content-length: 54304
last-modified: Mon, 31 Aug 2020 18:43:11 GMT
server: Apache
etag: W/"d420-17445d48a2a"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: NwGXJGdz2pZOXDCV8xlRCbyUbpKISHoibvnX5ymPyf0yGWinbCfqXQ==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 131ms
128ms Font
font/woff2 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:42:18 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 9144
x-cache: Hit from cloudfront
status: 200
content-length: 56380
last-modified: Mon, 31 Aug 2020 19:01:05 GMT
server: Apache
etag: W/"dc3c-17445e4f0ea"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Y6fJHUg6s_J2i9l8Cy8NegFFK8IQwG4akMzsPWHPjPyqrczp1NBk6Q==

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v55/ 81 KB
81 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v55/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thestar.com
Referer: https://fonts.googleapis.com/icon?family=Material+Icons
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 26 Aug 2020 20:22:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:12:32 GMT
server: sffe
age: 514312
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82492
x-xss-protection: 0
expires: Thu, 26 Aug 2021 20:22:50 GMT

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 130ms
128ms Font
font/woff2 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 17:24:13 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 6629
x-cache: Hit from cloudfront
status: 200
content-length: 18736
last-modified: Mon, 31 Aug 2020 18:43:07 GMT
server: Apache
etag: W/"4930-17445d47ab1"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: l_pll-1V229dmcTI_VMMXXikgtQ3Ycx7oBQnWt5xyWvOTJB-hRkqnw==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 130ms
128ms Font
font/woff2 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:13:10 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 10892
x-cache: Hit from cloudfront
status: 200
content-length: 55032
last-modified: Mon, 31 Aug 2020 19:01:20 GMT
server: Apache
etag: W/"d6f8-17445e5295f"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: pMlHQAXi9ksHqf2avFlmiQR9zwSgeYO3a6iejs1Y5WrXgOeygU8QXw==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 130ms
128ms Font
font/woff2 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 15:53:26 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 12076
x-cache: Hit from cloudfront
status: 200
content-length: 19052
last-modified: Mon, 31 Aug 2020 18:43:11 GMT
server: Apache
etag: W/"4a6c-17445d48a26"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: qOIekkYIlsoWBmKigHFLsXucCGsdwCZWbJyaIaEDrERM-ItY20N0tQ==

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
24 KB 137ms
136ms Font
font/ttf 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:20:44 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 10438
x-cache: Hit from cloudfront
status: 200
content-length: 24616
last-modified: Mon, 31 Aug 2020 18:43:11 GMT
server: Apache
etag: W/"6028-17445d48a26"
x-frame-options: SAMEORIGIN
content-type: font/ttf
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: vuQI_0iaWcpLIgpWuhp1pQxE4PxpxhIvdUo9PLHqb7-xMk4DqmQHdg==

GET
H2 200 star-icons.ttf
www.thestar.com/static/ 20 KB
20 KB 305ms
304ms Font
font/ttf 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/star-icons.ttf?1e90cd8c4c70e95bf450c0b0f54d2e3d

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/0.css?v=696222734adcd90c8aed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

c702ffb46573278d0f6c63c04178448cb45a0c8e9fb357a9529470ad10b1fac1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/0.css?v=696222734adcd90c8aed
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
last-modified: Mon, 31 Aug 2020 19:01:14 GMT
server: Apache
x-amz-cf-pop: DUS51-C1
status: 200
etag: W/"4f9c-17445e5125b"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: font/ttf
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=300, no-cache="set-cookie"
accept-ranges: bytes
content-length: 20380
x-amz-cf-id: DHU_ucyRJQi0ZYgcd-Kfhp_5-0LaTNh0Ye8b9FhGzBOn6UqwMoEajg==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 117ms
117ms Font
font/woff2 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://www.thestar.com
Referer: https://www.thestar.com/static/bundle.css?v=8932803c9738daf1cb79
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 15:47:32 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
age: 12430
x-cache: Hit from cloudfront
status: 200
content-length: 53664
last-modified: Mon, 31 Aug 2020 18:43:07 GMT
server: Apache
etag: W/"d1a0-17445d47ab9"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: dmpQ4TaGJAbfGvTop8D9XyRsmG8d5t3j7nsTNeT7aPKJGvFxmlaqGg==

GET
H2 200 adsct
t.co/i/ 43 B
448 B 200ms
144ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Tue, 01 Sep 2020 19:14:42 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c006a38f44a9ed991f05494e85967976
x-transaction: 000d3bd80047c241
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: +rbYHv+XGamrJ3aXhwwdx1FpSJRdF/chYpBvpfYP5vKFhZD8mbNI5ux2Lsb3s5ie854DU7+Pom6/ZvWHPps4Xw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 01 Sep 2020 19:14:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 329ms
262ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 02 Sep 2020 19:14:43 GMT

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
523 B 501ms
425ms Image
image/gif 13.225.84.166
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.166 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-166.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:44 GMT
Via: 1.1 e56e6732f380db727425bac2d6158761.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: OH4VMA922O8jTG4g6h4rS0xfwTXvfpTyu1ygqAS72T--4My-zJs2Fw==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 105ms
30ms Script
application/x-javascript 143.204.208.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.208.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-100.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 09:24:20 GMT
Via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
Age: 35400
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/x-javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: EZLs4-YIP8dQ5FQPLqKhHOKLNXYWR4kVR7_gj93hwZalk6dXWX2pZA==
Expires: Wed, 02 Sep 2020 09:24:20 GMT

GET
H/1.1 200
OK q9fqmmutk5a97trs.js Show response
cdn.petametrics.com/ 161 KB
56 KB 372ms
172ms Script
application/javascript 146.88.138.85
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs.js?ts=444163
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.88.138.85 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e28062146eb4a7f4fef812a9d2283fc90f20954302fe714b7af29c5c6cf1ee52

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:43 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Aug 2020 02:59:02 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 2A92444087BD8399
ETag: W/"714a97f3f2ea4b780a76c398bff0dfbf"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-version-id: .beiDnPmT767OSfKZjqgoqoNhLbYCND4
x-amz-id-2: vxKjLPZwbj2MtBjVe7/FlFzQdN/dXZBqe3/ONRsIyZVcUIriFsBs1zFOPua0Jui+pnyKQ4s3u6k=
Expires: Wed, 02 Sep 2020 19:14:43 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
649 B 241ms
160ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nuz9l&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 126
pragma: no-cache
last-modified: Tue, 01 Sep 2020 19:14:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 37295e7b600220dec4612ccca3c645b3
x-transaction: 0093408000b234e8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 worker-1acd6955248e984d8c16ea37afb8cbb7.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
14 KB 60ms
30ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-1acd6955248e984d8c16ea37afb8cbb7.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/3.0/opa-a4111607dc5ce718c2993c75e25e5d78.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: br
last-modified: Mon, 16 Mar 2020 04:40:32 GMT
server: gfra1
status: 200
etag: "5e6f0340-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 185ms
43ms XHR
application/json 52.30.78.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1598987683123

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f6b26dced3ed21913706b5d0c6e9c60b9528fc5582b6e20f792c254eca09ce7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v079-093777db9.edge-irl1.demdex.com 5.77.1.20200812153735 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: hjje8nQFQbw=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 319
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/hostedLibFiles/EP7b1fa4581fb94dd0961a981af9997765/ 33 KB
12 KB 34ms
34ms Script
text/javascript 13.224.193.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/hostedLibFiles/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ZH9O9CXcYe0MHrFO5.yUYyG13bqlUoK_
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 15:12:04 GMT
server: AmazonS3
age: 68635
etag: "41f1b46329a6056c0f2c993498eda989"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
date: Tue, 01 Sep 2020 00:10:49 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: HWM8TanZu0cSY66Pc63BNaDTOD17bdDVH0aqquq_PeXYYAycqFe63A==
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/hostedLibFiles/EP7b1fa4581fb94dd0961a981af9997765/ 3 KB
2 KB 34ms
34ms Script
text/javascript 13.224.193.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/hostedLibFiles/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s9XZjrWvoqB4oRxa_N_IxHWN4RoseIo3
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 15:12:04 GMT
server: AmazonS3
age: 68656
etag: "e9aa55ef8b40a205f86b54789b37de5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
date: Tue, 01 Sep 2020 00:10:28 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: fAEEMrFbmEoPMnbHB0PeI5JwpO5sCaCjgbQzJOL3QSByO5cMXEJ1rA==
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)

GET
H/1.1 200
OK adframe.js Show response
s3.amazonaws.com/tracking.zuza.com/omniture/ 16 B
386 B 685ms
168ms Script
application/x-javascript 52.217.47.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/tracking.zuza.com/omniture/adframe.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:44 GMT
Last-Modified: Tue, 13 Dec 2016 15:35:12 GMT
Server: AmazonS3
x-amz-request-id: 4WEX8KAM7RBR2Y3M
ETag: "760222d2e529d3e84eb01378cfc46e2e"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 16
x-amz-id-2: 6nj0IXpuBv4uM35KXOs5BUtvKGQrs+4Lrj28Nkmo5IVxg8HxAjN2Q9HIJmGKoYkIJd4Dp5SaAIg=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 7143
date: Tue, 01 Sep 2020 17:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Tue, 01 Sep 2020 19:15:40 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 17 KB
6 KB 104ms
33ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:43 GMT
content-encoding: gzip
last-modified: Tue, 30 Jun 2020 17:04:46 GMT
server: snooserv
etag: "85ee817cda81317b49d1d3056f6bdf95"
vary: Accept-Encoding,Origin
content-type: application/javascript
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 5809
via: 1.1 varnish, 1.1 varnish

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 47ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:42 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: F80FDEC5181343F3BCB106D58F60A239 Ref B: FRAEDGE1419 Ref C: 2020-09-01T19:14:43Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 33ms
9ms Script
application/x-javascript 2a02:26f0:10c:48b::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:48b::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=73478
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 37ms
34ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:43 GMT
content-encoding: gzip
age: 78150
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4074-HHN
last-modified: Mon, 10 Aug 2020 18:10:59 GMT
x-timer: S1598987683.181322,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
258 B 189ms
116ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?r=13811:4838400

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:43 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 64 KB
23 KB 94ms
35ms Script
application/x-javascript 13.35.255.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.255.237 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-255-237.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: d970d81ebaca9550322341019025a9864e4d01ac3452b1d50ad128ac03f2cb7a

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Tue, 01 Sep 2020 02:58:53 GMT
content-encoding: gzip
last-modified: Fri, 10 Jul 2020 18:05:15 GMT
server: nginx
age: 58765
etag: "5f08addb-fe6d"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400, public
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: MPx2FNa-esZ0f5nYXRgGDTHiaaP3UqsaA1yuHlTUkUf4vV8aN1krog==
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
expires: Wed, 02 Sep 2020 02:54:56 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&ns__t=1598987683190&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1598987683190&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%...

0
399 B

35ms
34ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1598987683190&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=&cs_ak_ss=1
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:43 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&ns__t=1598987683190&ns_c=UTF-8&cv=3.5&c8=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:43 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
26 B 60ms
34ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=272721891&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1245958470&gjid=1399530002&cid=317915704.1598987683&tid=UA-70431129-1&_gid=1929478965.1598987683&_r=1&gtm=2wg8j2P86MZHL&cd4=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&z=1982244434

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
395 B 51ms
32ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=272721891&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=622774681&gjid=1915952714&cid=317915704.1598987683&tid=UA-73335503-3&_gid=1929478965.1598987683&_r=1&gtm=2wg8j2P86MZHL&z=983380823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&time=1598987683217
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1671964%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&time=1598987683217&liSync=true

0
81 B

117ms
116ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&time=1598987683217&liSync=true
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: eMoXrtO+MBbQvTeVGysAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: kui+qNO+MBbQBinpVCsAAA==
pragma: no-cache
x-li-pop: afd-prod-edc2
x-msedge-ref: Ref A: E173E51A0D0542CAAC650112488183E0 Ref B: FRAEDGE1117 Ref C: 2020-09-01T19:14:43Z
x-frame-options: sameorigin
date: Tue, 01 Sep 2020 19:14:43 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1671964&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&time=1598987683217&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 22 KB
8 KB 570ms
148ms Script
application/x-javascript 40.71.11.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.164 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 121eabad154345bcd867bb65e806914e5596535fd47e1b3e5256b80a3521e13b

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:42 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 8066
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H2 204 0
bat.bing.com/action/ 0
148 B 36ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=72674765-9c1b-4ba8-ec98-485b22047a72&sid=adae700ce910bb7f2df371eb3792a2e5&vid=8281b12d44b1652d2a8868d874a22fc0&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=2595&evt=pageLoad&msclkid=N&sv=1&rn=627744
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 01 Sep 2020 19:14:42 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 49BCFD293B014C89910FADAA3B3EE6C1 Ref B: FRAEDGE1419 Ref C: 2020-09-01T19:14:43Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
147 B 146ms
145ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Tue, 01 Sep 2020 19:14:43 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c006a38f44a9ed991f05494e85967976
x-transaction: 00e70ca400c7d60a
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-70431129-1&cid=317915704.1598987683&jid=1245958470&gjid=1399530002&_gid=1929478965.1598987683&_u=YEBAAAAAAAAAAC~&z=462810885

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Sep 2020 19:14:43 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
18 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=2fd58339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a00ec901bb235ad2a8211954f9b3b9aeb27223cc0dc157dfc8f38a288b998bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "620 / 809 of 1000 / last-modified: 1598972935"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18700
x-xss-protection: 0
expires: Tue, 01 Sep 2020 19:14:43 GMT

GET
H2 200 hp-widget.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame D12A 16 KB
4 KB 113ms
42ms Document
text/html 13.224.193.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=2fd58339
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d15b182ff351c118537ef460a31ba46f78fa762ec6f4e980a99dd6d9421847c

Request headers

:method: GET
:authority: misc.thestar.com
:scheme: https
:path: /interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com/?redirect=true
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thestar.com/?redirect=true

Response headers

status: 200
content-type: text/html
last-modified: Fri, 12 Jun 2020 20:10:36 GMT
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
date: Tue, 01 Sep 2020 19:12:24 GMT
etag: "11d5868140f9c5efaf2cd502c601e026"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: BeGSU2640b--ZuPa8UbZms42zZGDJkzBgAVNwg92pv_pstm_x_pf0w==
age: 140

GET
H/1.1 200
OK generic.js Show response
resources.eyereturn.com/dt/6291/ 1 KB
1017 B 103ms
32ms Script
application/javascript 95.100.70.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.eyereturn.com/dt/6291/generic.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=2fd58339
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.70.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-70-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f523e3e4420a4f9bdbeb2dd744a4de9014af64872091bc9746a31b6c8599d743

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 20:32:16 GMT
Server: nginx
ETag: "5977aad0-5bd"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 694

GET
H2 200 MOSTP771-830_2020_043303.jpg
images.thestar.com/ulLjs7ob7-1tH5SksZovNFVWims=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2020/09/01/suspect-in-st-louis-officers-slaying-has-long-crime-record/ 76 KB
77 KB 303ms
303ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/ulLjs7ob7-1tH5SksZovNFVWims=/690x460/smart/https://www.thestar.com/content/dam/thestar/news/world/us/2020/09/01/suspect-in-st-louis-officers-slaying-has-long-crime-record/MOSTP771-830_2020_043303.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0464c941eca2b744b11070c32daf15e11e6166751c9060207ea5edd3cebdd994

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:43 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: DUS51-C1
etag: "6cf20ed85047c18ff29df83f9f6f21c0070b910b"
x-cache: Miss from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
content-length: 78199
x-amz-cf-id: HYVS32uSMAtDhtgxT4EYusvVr3OUEaMqTq2vGdL_IWFIiZYrbw197Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 butler.jpg
images.thestar.com/fIO1r2g9nf7H8TVCB1YJ8U0kUno=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/basketball/opinion/2020/09/01/jimmy-butler-should-have-milwaukee-worried-after-spect... 63 KB
64 KB 140ms
140ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/fIO1r2g9nf7H8TVCB1YJ8U0kUno=/690x460/smart/https://www.thestar.com/content/dam/thestar/sports/basketball/opinion/2020/09/01/jimmy-butler-should-have-milwaukee-worried-after-spectacular-game-1-performance/butler.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9cd8eec15e7d2176df3021c1e1efa955d866bfd04dfda82821e8ae98c7990173

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 18:06:35 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 4088
etag: "fb431b6ba7f47e4f3cce027bf757de2b6e7dc247"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-length: 64684
x-amz-cf-id: 8boqxHUTBsKstMPM2WOvyXGEmL3KVNkbLPtijVuP6NF0dM07XPJZ_w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
409 B 114ms
113ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:12:25 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
age: 138
status: 200
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
content-length: 19
x-amz-cf-id: G3eWJv2aop9TF_xlM828omaE9qrZdA6O8Etfy0gJfomqbmURlAE8eg==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
407 B 110ms
110ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:13:17 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
age: 86
status: 200
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
content-length: 19
x-amz-cf-id: uhs9huxd_sTRG9uAgamerP2QS4nW3Nr_uaZp1SsOQJRlhcPeLo6sDw==

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 3 KB
4 KB 102ms
102ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

56be4489371b139867bae6ce84da26f4e9c61dd13085c441b93581f6f64484bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:13:17 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
age: 86
status: 200
etag: W/"dbc-7QZWvCj8n6J0mAQ3QROrjd6dO/Y"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
content-length: 3516
x-amz-cf-id: TejMB-IjpqkAZrNxf5enewDNCpUHxOZhRQwVWwIdMonDbn69-7O1GQ==

GET
H/1.1 200
OK Cookie set dest5.html
torontostarnewspaperslimited.demdex.net/ Frame 995A 0
0 170ms
41ms Document
text/html 63.32.152.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.152.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: torontostarnewspaperslimited.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.thestar.com/?redirect=true
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=17894407603682857054251303885942488178
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thestar.com/?redirect=true

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 13 Aug 2020 10:45:06 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=17894407603682857054251303885942488178;Path=/;Domain=.demdex.net;Expires=Sun, 28-Feb-2021 19:14:44 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: Q6DhpOznTlk=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
s.thestar.com/ 48 B
481 B 144ms
39ms XHR
application/x-javascript 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.0.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=17902815095235589154247650036614669944&ts=1598987683921

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

5813a47c656f1341389c2c80ba1f8fcb89726a42271678f69f55bb52d9472ec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:44 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-75d94f685-8g7dl
vary: Origin
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=X06dpAAABNFN8y3-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=17894407603682857054251303885942488178
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X06dpAAABNFN8y3-

42 B
917 B

763ms
763ms

Image
image/gif

52.30.78.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=X06dpAAABNFN8y3-

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v079-0ff8e2e8b.edge-irl1.demdex.com 5.77.1.20200812153735 721ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: ZEznWPwGQfg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 01 Sep 2020 19:14:43 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=X06dpAAABNFN8y3-
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 doug_ford.jpg
images.thestar.com/W_ffJeud28FcORjPPnoFXzQVZkQ=/330x220/smart/https://www.thestar.com/content/dam/thestar/politics/provincial/2020/09/01/premier-doug-ford-pays-quiet-visit-to-downtown-toronto-eleme... 19 KB
20 KB 179ms
178ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/W_ffJeud28FcORjPPnoFXzQVZkQ=/330x220/smart/https://www.thestar.com/content/dam/thestar/politics/provincial/2020/09/01/premier-doug-ford-pays-quiet-visit-to-downtown-toronto-elementary-school-to-examine-covid-19-precautions/doug_ford.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f96d6e2e4e64f12ff09df4162fc99a9f6753d9dd2e845042aa92795ff90ad7e3

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:45:40 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 8944
etag: "c0abf0a125ba8645b0072b9ab0ba6c838721215a"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-length: 19642
x-amz-cf-id: frQ4zTRB6aZVwR-HxN4VrxgIJqKgg70DKLXtt6IAIu89lMKRKnFjdQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 school.jpg
images.thestar.com/QwzAMqxDlQkwQ_XkpVDS_ptqtNg=/0x0:1200x800/330x220/smart/https://www.thestar.com/content/dam/thestar/news/canada/2020/09/01/coronavirus-news-september-1-covid-19-updates-canada-wo... 16 KB
17 KB 250ms
250ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/QwzAMqxDlQkwQ_XkpVDS_ptqtNg=/0x0:1200x800/330x220/smart/https://www.thestar.com/content/dam/thestar/news/canada/2020/09/01/coronavirus-news-september-1-covid-19-updates-canada-world-pandemic/school.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 977ba5a6db6fa2c3c6122a34e75a6559b3c3c6f0cc25d5863c06718d5d9393cc

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 14:24:57 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 17387
etag: "91e93078a50812870be9114f3f977b521de12297"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-length: 16565
x-amz-cf-id: i0GMOB1cKKMeDfZ1svC-CJZHnl7ujqiHN1ou7L6d-H1PL90Ebl8Y_w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raptors_celtics.jpg
images.thestar.com/tAMps8JCxyDKcaoCXL-5915Muls=/114x76/smart/https://www.thestar.com/content/dam/thestar/sports/doug_smiths_sports_blog/2020/09/01/game-2-blog-raptors-have-history-on-their-side-as-... 7 KB
7 KB 264ms
264ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/tAMps8JCxyDKcaoCXL-5915Muls=/114x76/smart/https://www.thestar.com/content/dam/thestar/sports/doug_smiths_sports_blog/2020/09/01/game-2-blog-raptors-have-history-on-their-side-as-they-look-to-even-up-series-with-celtics/raptors_celtics.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9f0dc60647ef284fb7f35fd44c1c4389d993ad3383ae0cb9256b1e6bec5345aa

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:07:32 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 432
etag: "0fda48f707f53c0fe30a76ffef0cd649f63bea92"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-length: 6763
x-amz-cf-id: zDVOE488nq6HgyiMh8U40bQeFz5-A8RPaZWOgyoQpjUU-ncrlWZD0w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 costco1.jpg
images.thestar.com/Qcru6v9KVtsvraUfdIdkPI1DveE=/0x0:1200x800/114x76/smart/https://www.thestar.com/content/dam/thestar/business/2020/09/01/food-waste-its-the-bill-you-never-receive-but-have-to-pay-f... 4 KB
4 KB 249ms
248ms Image
image/jpeg 13.226.145.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Qcru6v9KVtsvraUfdIdkPI1DveE=/0x0:1200x800/114x76/smart/https://www.thestar.com/content/dam/thestar/business/2020/09/01/food-waste-its-the-bill-you-never-receive-but-have-to-pay-for-and-it-may-be-costing-canadian-households-2000-a-year-as-covid-19-shifts-shopping-habits/costco1.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.123 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-123.dus51.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2aee42d0a47fbcddc983fb79e7878b4a888b3e3f4d3fce227e3a15d2ae2316cb

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 16:22:25 GMT
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
age: 10339
etag: "016c2036774e73a59e092d851e966771645fb9a9"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
content-length: 4162
x-amz-cf-id: k97do1n881QP7faHiVYoQ0ETggt113ak4j2RcGuZsEBBDd0sRwX8Pg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
213 B 187ms
123ms Image
image/gif 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1598987683965&id=t2_kcsr8bo&event=PageVisit&uuid=1f886c5c-84e6-4de4-84b0-cd8a03b75cc2&s=dvCGkWQKMPbnZxFKpwApexzrhb4Y55QlqvTZPqYNfUo%3D
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 42
retry-after: 0

OPTIONS
H2 200 model
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ Frame 0
0 186ms
128ms Other
text/plain 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Protocol: H2
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
server: openresty/1.13.6.2
date: Tue, 01 Sep 2020 19:14:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: false
access-control-allow-methods: POST
access-control-allow-headers: Content-Type, Origin
access-control-max-age: 3600
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 model
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ Frame 0
0 187ms
130ms Other
text/plain 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Protocol: H2
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
server: openresty/1.13.6.2
date: Tue, 01 Sep 2020 19:14:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: false
access-control-allow-methods: POST
access-control-allow-headers: Content-Type, Origin
access-control-max-age: 3600
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 model
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ Frame 0
0 188ms
130ms Other
text/plain 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Protocol: H2
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
server: openresty/1.13.6.2
date: Tue, 01 Sep 2020 19:14:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: false
access-control-allow-methods: POST
access-control-allow-headers: Content-Type, Origin
access-control-max-age: 3600
via: 1.1 google
alt-svc: clear

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 10 KB
3 KB 234ms
234ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: df86c427a8bc567996b69e231653e600f24a057a2f59f017131ed368f73fb228

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
content-encoding: gzip
server: openresty/1.13.6.2
status: 200
content-type: application/json
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 5 KB
2 KB 214ms
214ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 55504393e7d97afe007fbc6332d2128502ed804e36e054f1fa3a0fc94ad66ec8

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
content-encoding: gzip
server: openresty/1.13.6.2
status: 200
content-type: application/json
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 5 KB
2 KB 234ms
233ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: a5e26192eda8b6a0667ea08657fe7d65ff360490fb16ab7a3124164044be591a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
content-encoding: gzip
server: openresty/1.13.6.2
status: 200
content-type: application/json
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 35 B
140 B 1241ms
187ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/__activity.gif?e=pageview&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=3763&blst=2591&ist=3735&iet=3739&ts=1598987684011&jsk=q9fqmmutk5a97trs&jsv=20200808&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=a115e395-c1f9-463d-b747-ae3fb6ed8f60&sid=287bb719-ac76-4dab-871a-ff69ff097d24&pvid=063d03c3-7953-4fef-dc6c-a8a22903cbd0&ua=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F83.0.4103.61+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&tzo=-120&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:45 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

OPTIONS
H2 200 model
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ Frame 0
0 181ms
130ms Other
text/plain 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Protocol: H2
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
server: openresty/1.13.6.2
date: Tue, 01 Sep 2020 19:14:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: false
access-control-allow-methods: POST
access-control-allow-headers: Content-Type, Origin
access-control-max-age: 3600
via: 1.1 google
alt-svc: clear

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 5 KB
2 KB 218ms
218ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 5d3230127ec33ca8c34b167efb260f829f017ecbf2a2453be07aabb80aaad670

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
content-encoding: gzip
server: openresty/1.13.6.2
status: 200
content-type: application/json
access-control-allow-origin: *
alt-svc: clear
via: 1.1 google

GET
H2 200 17902815095235589154247650036614669944 Show response
api.thestar.com/users/propensity/ 51 B
414 B 1200ms
1200ms XHR
application/json 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/propensity/17902815095235589154247650036614669944
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Tue, 01 Sep 2020 19:14:46 GMT
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: f6f7662f-ebd4-4fe4-8ae2-fcee6df27808
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f4e9da5-30a250639a188c45cea34b2f;Sampled=0
x-amz-apigw-id: SM2R3FAoIAMFVUw=
content-length: 51
x-amz-cf-id: lrAr39vnQLPAp49lmNWYIAme_7j4jtOvzZvlfcSbgod2ssaIQ3yDhQ==

OPTIONS
H2 200 17902815095235589154247650036614669944
api.thestar.com/users/propensity/ Frame 0
0 1401ms
312ms Other
application/json 13.224.193.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/propensity/17902815095235589154247650036614669944
Protocol: H2
Server: 13.224.193.15 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-15.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 0
date: Tue, 01 Sep 2020 19:14:45 GMT
x-amzn-requestid: 647aa0ec-3d56-46b3-9a13-532e0149ba6d
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: SM2R2EvHIAMFcOw=
access-control-allow-methods: GET,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Pmy5H6WtfAAZerocJGlumkavX8YsDjY2ChY7A1j8k8KNV_6Y8opTng==

GET
H/1.1 200
OK /
srv-2020-09-01-19.pixel.parsely.com/plogger/ 43 B
229 B 932ms
169ms Image
image/gif 52.72.211.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv-2020-09-01-19.pixel.parsely.com/plogger/?rand=1598987684033&plid=25787081&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1598987684028&slts=0&title=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&date=Tue+Sep+01+2020+21%3A14%3A44+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=19891767&u=pid%3Dca21fa505b9129ea36090bf55f7da54f
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.211.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-211-240.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:44 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
328 B 1122ms
36ms XHR
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.174.68 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

68.174.244.35.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 01 Sep 2020 19:14:45 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
status: 451
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
543 B 1147ms
38ms XHR
application/json 54.229.91.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=181778
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.91.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2eac111f3964df8815ea76680a9f84f46a7716f6ab5bccddf0309bcf5bc09406

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 01 Sep 2020 19:14:45 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 01 Oct 2020 19:14:45 GMT

GET
H2 200 pubads_impl_2020082701.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 1140ms
64ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

c0159d71bfd21f50878f12b283950402c6364354bcd559af9accc22191dddb5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Aug 2020 08:39:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93876
x-xss-protection: 0
expires: Tue, 01 Sep 2020 19:14:45 GMT

GET
H2 200 / Show response
o2.eyereturn.com/ 17 KB
17 KB 117ms
115ms Script
application/javascript 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://o2.eyereturn.com/?site=6291&page=generic
Requested by: Host: resources.eyereturn.com
URL: https://resources.eyereturn.com/dt/6291/generic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 8436f75dfe4abeef26e1542ef77ee103e7da39ec631f1dd0850f3e743691ecb1

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
last-modified: Wed, 04 Dec 2019 22:09:11 GMT
server: openresty
etag: "5de82e87-43f5"
status: 200
p3p: policyref="http://voken.eyereturn.com/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
content-type: application/javascript
alt-svc: clear
content-length: 17397
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 97 B
909 B 1545ms
148ms XHR
application/json 40.71.11.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.71.11.164 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f1708300bcd67dc8342625b22cda07bb7d1552eb30ce92cd82c4dac0a05fb988

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:44 GMT
Content-Encoding: gzip
ETag: W/"61-i2P4OhDl4mdwPPbQp4uMRqkVhU8"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Content-Type
Content-Length: 193
request-context: appId=cid-v1:c374023b-8354-459d-b51b-039919730c2c

GET
H2 200 css
fonts.googleapis.com/ Frame D12A 4 KB
648 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather+Sans:300,400,700

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16d3d12f94cb57adf13852a17da9cd977b449c5abf0d1cd16651c907dc0f4e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 19:14:44 GMT
server: ESF
date: Tue, 01 Sep 2020 19:14:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 01 Sep 2020 19:14:44 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame D12A 207 KB
69 KB 54ms
52ms Script
application/javascript 13.224.193.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:12:26 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
age: 139
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: oC8vvLw5M5PjI0yMHGvMH9idkPG8zQP-VuKgs0sLvKjC5WDhmPgdrQ==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

GET
H2 200 arrow.svg
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame D12A 588 B
908 B 72ms
72ms Image
image/svg+xml 13.224.193.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/arrow.svg
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a5025196acb05a5aaee886714c31a4658e49f5a7539e4d8838494c567b87244

Request headers

Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
last-modified: Fri, 12 Jun 2020 20:10:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "23ae4eb14d7a354afd4fcd2a9e2a2149"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
date: Tue, 01 Sep 2020 19:14:44 GMT
content-length: 588
x-amz-cf-id: pm1zDq0FcGftq59srI37cbs1mYBj07lpgkGlxThQ54kSnHaUOXF7bg==

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2
fonts.gstatic.com/s/merriweathersans/v13/ Frame D12A 33 KB
33 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v13/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjXp8Bte.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c356c258bb807439b3546c08829c09b5d354aaa03621bc698a03c091f889552d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://misc.thestar.com
Referer: https://fonts.googleapis.com/css?family=Merriweather+Sans:300,400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:17:07 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Aug 2020 19:50:46 GMT
server: sffe
age: 115057
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33660
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:17:07 GMT

GET
H2 200 ontario.csv Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/ontario-dashboard/ Frame D12A 291 KB
31 KB 46ms
45ms XHR
text/csv 13.224.193.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/ontario-dashboard/ontario.csv
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-39.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0085dc93377519ee43bf8c1cc8367f60d87b5537af9c7a7e6b02c5db8c65037e

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Hz9EwLBd_PDgBH2JjZnPWVFZ2fCCMhKy
content-encoding: gzip
last-modified: Mon, 31 Aug 2020 21:46:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"83e3a508bd21f7b43a4411470584e2ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/csv
status: 200
date: Tue, 01 Sep 2020 19:14:44 GMT
x-amz-meta-version-id: fnPpfaV7n0QDkBGwM0CG3V97NMDe_vUZ
x-amz-cf-id: ne-Zu32tkEQDDJDBZtinoz8iHY9KMdGCpdqXHXXhKmJuhQ4p-xCv_g==
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)

GET
H/1.1 200
OK testing_timeseries_prov.csv Show response
raw.githubusercontent.com/ishaberry/Covid19Canada/master/timeseries_prov/ Frame D12A 77 KB
22 KB 184ms
114ms XHR
text/plain 151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/ishaberry/Covid19Canada/master/timeseries_prov/testing_timeseries_prov.csv

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a1dd36919325e074f1ef32afb1af944c32b3c3b37711a0afd24827daabd847bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: e6acb113af7f98789b43dafa08fb7888caf60667
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT, HIT
X-Cache-Hits: 6, 1
Connection: keep-alive
Content-Encoding: gzip
Vary: Authorization,Accept-Encoding, Accept-Encoding
Content-Length: 21124
X-XSS-Protection: 1; mode=block
X-Served-By: cache-hhn4075-HHN
X-GitHub-Request-Id: AA5C:36A5:25F3274:288794A:5F4E81D3
X-Timer: S1598987684.305765,VS0,VE83
X-Frame-Options: deny
Date: Tue, 01 Sep 2020 19:14:44 GMT
Source-Age: 86
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
ETag: W/"921f23c133dc80b9a1f2f2c6aa2009889b28337455240fe99667fd30684e3edc"
Accept-Ranges: bytes
Expires: Tue, 01 Sep 2020 19:19:44 GMT

GET
H/1.1 200
OK time_series_covid19_confirmed_global.csv Show response
raw.githubusercontent.com/CSSEGISandData/COVID-19/master/csse_covid_19_data/csse_covid_19_time_series/ Frame D12A 235 KB
86 KB 113ms
37ms XHR
text/plain 151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/CSSEGISandData/COVID-19/master/csse_covid_19_data/csse_covid_19_time_series/time_series_covid19_confirmed_global.csv

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57f7bcb1b9f13f309a96266661497a2d1fbc303604bb587aa659b0a2fa356c3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 7cbc7180bf8ddcbf10f693b6372750d461bd7460
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: MISS, HIT
X-Cache-Hits: 0, 1
Connection: keep-alive
Content-Encoding: gzip
Vary: Authorization,Accept-Encoding, Accept-Encoding
Content-Length: 86814
X-XSS-Protection: 1; mode=block
X-Served-By: cache-hhn4059-HHN
X-GitHub-Request-Id: F382:B481:12D9F4:14F919:5F4E8172
X-Timer: S1598987684.315544,VS0,VE1
X-Frame-Options: deny
Date: Tue, 01 Sep 2020 19:14:44 GMT
Source-Age: 99
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
ETag: W/"cde1ae01eca161910fa316d0fd797f5ed3b1b0033685443a4cc23aaf35d873c0"
Accept-Ranges: bytes
Expires: Tue, 01 Sep 2020 19:19:44 GMT

GET
H2 200 / Show response
o2.eyereturn.com/ 771 B
876 B 115ms
115ms Script
application/javascript 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://o2.eyereturn.com/?site=6291&page=homepage&level1=homepage
Requested by: Host: o2.eyereturn.com
URL: https://o2.eyereturn.com/?site=6291&page=generic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: openresty /
Resource Hash: 73a4e23a57acebbfd35b9b3d150f3a585c29be0ccfddd69ff524dbceda7c8939

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
last-modified: Mon, 18 Mar 2019 21:20:02 GMT
server: openresty
etag: "5c900b82-303"
status: 200
p3p: policyref="http://voken.eyereturn.com/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
accept-ranges: bytes
content-type: application/javascript
alt-svc: clear
content-length: 771
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

/
cm.eyereturn.com/ggl-dmp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=eyereturn_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=eyereturn_dmp&google_cm=&google_tc=
https://cm.eyereturn.com/ggl-dmp/?id=&google_gid=CAESEIA1YbggWZGC5wjZhyWGkYY&google_cver=1

43 B
106 B

117ms
116ms

Image
image/gif

35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.eyereturn.com/ggl-dmp/?id=&google_gid=CAESEIA1YbggWZGC5wjZhyWGkYY&google_cver=1

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
p3p: policyref="http://voken.eyereturn.com/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
status: 200
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.eyereturn.com/ggl-dmp/?id=&google_gid=CAESEIA1YbggWZGC5wjZhyWGkYY&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cminit2 Show response
cm.eyereturn.com/ 2 B
125 B 124ms
115ms Script
application/javascript 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.eyereturn.com/cminit2?d=1

Requested by

Host: o2.eyereturn.com
URL: https://o2.eyereturn.com/?site=6291&page=homepage&level1=homepage

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
p3p: policyref="http://voken.eyereturn.com/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
status: 200
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/javascript
alt-svc: clear
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
106 B 118ms
116ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?r=3917:4838400

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
200 B 118ms
116ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?b=6421:600

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
177 B 119ms
117ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?b=10720:1001

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
177 B 119ms
118ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?b=10723:51

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
177 B 118ms
116ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?b=10729:101

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
177 B 117ms
115ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?b=10738:201

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
p3.eyereturn.com/seg/ 43 B
177 B 118ms
117ms Image
image/gif 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p3.eyereturn.com/seg/?b=10732:1001

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 google
server: nginx
status: 200
strict-transport-security: max-age=3600; includeSubDomains
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK time_series_covid19_deaths_global.csv Show response
raw.githubusercontent.com/CSSEGISandData/COVID-19/master/csse_covid_19_data/csse_covid_19_time_series/ Frame D12A 166 KB
43 KB 36ms
35ms XHR
text/plain 151.101.112.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/CSSEGISandData/COVID-19/master/csse_covid_19_data/csse_covid_19_time_series/time_series_covid19_deaths_global.csv

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51b5b21255635740067ed9c7de9824fa49babd7fc5e2c5ddadf9bf8d37a9909b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept: text/csv,*/*
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Fastly-Request-ID: 3c157a74c8805c76fb29921f34e2fe308b23929d
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Via: 1.1 varnish (Varnish/6.0), 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT, HIT
X-Cache-Hits: 2, 1
Connection: keep-alive
Content-Encoding: gzip
Vary: Authorization,Accept-Encoding, Accept-Encoding
Content-Length: 42986
X-XSS-Protection: 1; mode=block
X-Served-By: cache-hhn4059-HHN
X-GitHub-Request-Id: 1710:2EE5:12A8C43:140BBE6:5F4E9B5F
X-Timer: S1598987684.432069,VS0,VE1
X-Frame-Options: deny
Date: Tue, 01 Sep 2020 19:14:44 GMT
Source-Age: 266
Strict-Transport-Security: max-age=31536000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
ETag: W/"823b9b61b55ac235d46f13bd0358d45a363819eae5fd909b4da9cfc58e8e248b"
Accept-Ranges: bytes
Expires: Tue, 01 Sep 2020 19:19:44 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 280ms
280ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

9c744736ba88a78801a6da1dd9e874b2dabe4ca07632e185bc81932f206aae11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: DUS51-C1
status: 200
etag: W/"d61-JSRZ3vSHMNuSUieuJEg/ZFexTRE"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
content-length: 3425
x-amz-cf-id: C2lmymm-L_YYOcOXOSb6XEe_soiWONZVb12Xx8R7PUE-xgVfTrEnOA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 291ms
291ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

9422778dbd7f19fe073fcb19c4cbaf634e3df0147d3fe076a7f9e63e2fd3dfb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: DUS51-C1
status: 200
etag: W/"e29-g5/l4vb1sjT0Q9mktZwe7GwSZl8"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
content-length: 3625
x-amz-cf-id: juXHQ19SNVdV2hXbJxTR4ZfRsrAI33kQEzW9JmvHfvim6WSfnSXk3Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
8 KB 288ms
288ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

f82724ec6ff16b85be5f22b34d6edfabf610807e06f3dc9c86e57c7bf39ad3c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: DUS51-C1
status: 200
etag: W/"1e13-330PDPnNse4r8vlKTn/vDF7x/rM"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
content-length: 7699
x-amz-cf-id: fZ9y0ArG5wCwx_CboXBHPDQENK7ctCjqTblXHBrRX-kMEtyM1RVr3g==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 292ms
291ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

a9be51629f04c0ac546d3c47e2f06e819f577b95d51b36b81a38ea3196c77ee6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 01 Sep 2020 19:14:44 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: DUS51-C1
status: 200
etag: W/"e83-hb+Oah+TaPC9etsG+S1QZ8c5wZc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
content-length: 3715
x-amz-cf-id: qeJfP_8ABbE8dyrQrIEzMRyAKASzlN7A_O9vE3XZRNl9lvs5OjQSJQ==

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 35 B
93 B 546ms
198ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4470&blst=2591&ist=3735&iet=3739&ts=1598987684718&jsk=q9fqmmutk5a97trs&jsv=20200808&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=a115e395-c1f9-463d-b747-ae3fb6ed8f60&sid=287bb719-ac76-4dab-871a-ff69ff097d24&pvid=063d03c3-7953-4fef-dc6c-a8a22903cbd0&ua=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F83.0.4103.61+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&tzo=-120&w=thestar_business&source=LI&tType=widget&pl=null&tr=null&st=4469&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fwsj%2Fbusiness%2F2020%2F08%2F31%2Ftry-getting-it-yourselves-how-trump-sowed-covid-19-supply-chaos.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2020%2F08%2F31%2Frona-ambrose-resigns-from-manulife-board-for-full-time-employment.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2020%2F09%2F01%2Famazon-drivers-are-hanging-smartphones-in-trees-to-get-more-work.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:45 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 35 B
93 B 531ms
197ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4484&blst=2591&ist=3735&iet=3739&ts=1598987684732&jsk=q9fqmmutk5a97trs&jsv=20200808&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=a115e395-c1f9-463d-b747-ae3fb6ed8f60&sid=287bb719-ac76-4dab-871a-ff69ff097d24&pvid=063d03c3-7953-4fef-dc6c-a8a22903cbd0&ua=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F83.0.4103.61+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&tzo=-120&w=thestar_entertainment&source=LI&tType=widget&pl=null&tr=null&st=4483&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Ftelevision%2F2020%2F08%2F31%2Ftransplant-the-canadian-medical-drama-with-an-immigrant-spin-set-to-cross-border.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fmovies%2F2020%2F09%2F01%2Fbill-ted-explained-by-gen-x-to-gen-z.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fbooks%2F2020%2F08%2F27%2Ftimothy-findley-biography-an-enthralling-exploration-of-a-complicated-man.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:45 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 35 B
93 B 469ms
194ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4516&blst=2591&ist=3735&iet=3739&ts=1598987684764&jsk=q9fqmmutk5a97trs&jsv=20200808&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=a115e395-c1f9-463d-b747-ae3fb6ed8f60&sid=287bb719-ac76-4dab-871a-ff69ff097d24&pvid=063d03c3-7953-4fef-dc6c-a8a22903cbd0&ua=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F83.0.4103.61+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&tzo=-120&w=thestar_recommended_for_you&source=LI&tType=widget&pl=null&tr=null&st=4515&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2020%2F09%2F01%2Famazon-drivers-are-hanging-smartphones-in-trees-to-get-more-work.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2020%2F08%2F29%2Fmy-husband-used-ideas-from-porn-for-our-sex-life-then-things-got-weirder-what-to-do-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2F2020%2F08%2F21%2Fpasta-lovers-left-scraping-their-jars-as-ragu-pulls-sauces-from-canadian-shelves.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fopinion%2Feditorial_cartoon%2F2020%2F09%2F01%2Fmichael-de-adder-no-favours.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2020%2F08%2F28%2Fafter-a-20-year-failed-marriage-i-just-want-a-companion-but-most-women-on-dates-want-more-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2020%2F08%2F28%2Fhe-didnt-respect-my-social-distancing-request-plus-he-was-rude-dating-diaries.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:45 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 35 B
93 B 445ms
194ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/__activity.gif?e=widget_shown&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4555&blst=2591&ist=3735&iet=3739&ts=1598987684804&jsk=q9fqmmutk5a97trs&jsv=20200808&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=a115e395-c1f9-463d-b747-ae3fb6ed8f60&sid=287bb719-ac76-4dab-871a-ff69ff097d24&pvid=063d03c3-7953-4fef-dc6c-a8a22903cbd0&ua=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F83.0.4103.61+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&tzo=-120&w=thestar_life&source=LI&tType=widget&pl=null&tr=null&st=4555&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2020%2F09%2F01%2Fmy-old-pals-rudeness-is-wrecking-our-friendship-can-it-be-saved-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2020%2F08%2F28%2Fhe-didnt-respect-my-social-distancing-request-plus-he-was-rude-dating-diaries.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ftravel%2F2020%2F08%2F29%2Fshhh-were-going-on-vacation-during-the-pandemic.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:45 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 nr-1071.min.js Show response
js-agent.newrelic.com/ 23 KB
9 KB 36ms
36ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1071.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:45 GMT
content-encoding: gzip
x-amz-request-id: DA29B196B72B8B85
x-cache: HIT
status: 200
content-length: 9086
x-amz-id-2: x3R8q2md/W3L3vtH817ZlGWVCoOuI63QgYW6MWzFo5cEeMx/LqelAntvAbNZ2z8f/cVViv4LSBk=
x-served-by: cache-hhn4035-HHN
last-modified: Wed, 28 Feb 2018 23:33:31 GMT
server: AmazonS3
x-timer: S1598987685.302206,VS0,VE0
etag: "a1a545c95f313a230157b47dca555c25"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 469

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
283 B 161ms
160ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o2rz8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 130
pragma: no-cache
last-modified: Tue, 01 Sep 2020 19:14:45 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 37295e7b600220dec4612ccca3c645b3
x-transaction: 002e291600948f00
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK 9faa45284b Show response
bam.nr-data.net/1/ 57 B
275 B 115ms
114ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/9faa45284b?a=16919584&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=5081&ref=https://www.thestar.com/&be=2317&fe=5037&dc=2595&perf=%7B%22timing%22:%7B%22of%22:1598987680248,%22n%22:0,%22f%22:1035,%22dn%22:1035,%22dne%22:1035,%22c%22:1035,%22ce%22:1035,%22rq%22:1035,%22rp%22:1192,%22rpe%22:1354,%22dl%22:1195,%22di%22:2591,%22ds%22:2591,%22de%22:2595,%22dc%22:5036,%22l%22:5036,%22le%22:5038%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

OPTIONS
H2 200 bid
prometheus-ix.eyereturn.com/prometheus/ Frame 0
0 189ms
117ms Other 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Protocol: H2
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-max-age: 86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
pragma: no-cache
server: Prometheus 1.0.8
date: Tue, 01 Sep 2020 19:14:45 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

arj Show response
torontostar-d.openx.net/w/1.0/
Redirect Chain

https://torontostar-d.openx.net/w/1.0/arj?auid=540273841%2C540273844%2C540273842%2C540273838&aus=728x90%2C970x250%7C728x90%2C970x250%7C300x250%7C300x250%2C300x600&ju=https%3A%2F%2Fwww.thestar.com%2...
https://torontostar-d.openx.net/w/1.0/arj?cc=1&auid=540273841%2C540273844%2C540273842%2C540273838&aus=728x90%2C970x250%7C728x90%2C970x250%7C300x250%7C300x250%2C300x600&ju=https%3A%2F%2Fwww.thestar....

232 B
506 B

164ms
164ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://torontostar-d.openx.net/w/1.0/arj?cc=1&auid=540273841%2C540273844%2C540273842%2C540273838&aus=728x90%2C970x250%7C728x90%2C970x250%7C300x250%7C300x250%2C300x600&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._YaOcZZzC&cache=1598987685393&ttduuid=cd0fd416-4099-4bd6-b9fa-e46e30fddd8e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash: 9138c10b97eedce61ea0669ec706fc57d055ba566cbf051f88f9f60c146a1968

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:45 GMT
content-encoding: gzip
server: OXGW/16.193.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.thestar.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 218
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 01 Sep 2020 19:14:45 GMT
via: 1.1 google
server: OXGW/16.193.0
status: 302
location: https://torontostar-d.openx.net/w/1.0/arj?cc=1&auid=540273841%2C540273844%2C540273842%2C540273838&aus=728x90%2C970x250%7C728x90%2C970x250%7C300x250%7C300x250%2C300x600&ju=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&jr=&ch=UTF-8&tz=-120&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._YaOcZZzC&cache=1598987685393&ttduuid=cd0fd416-4099-4bd6-b9fa-e46e30fddd8e
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 475ms
177ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.023494054146152354&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0c682936b1999069c3a668d8f5603da6d9a3fed2b718915ee2f1615da70e87bd

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:45 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 bid
prometheus-ix.eyereturn.com/prometheus/ Frame 0
0 630ms
558ms Other 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Protocol: H2
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-max-age: 86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
pragma: no-cache
server: Prometheus 1.0.8
date: Tue, 01 Sep 2020 19:14:45 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 bid
prometheus-ix.eyereturn.com/prometheus/ Frame 0
0 630ms
558ms Other 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Protocol: H2
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-max-age: 86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
pragma: no-cache
server: Prometheus 1.0.8
date: Tue, 01 Sep 2020 19:14:45 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 657ms
182ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.45197592102019324&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 27dc7740b3c9b15381f36b0bd23ca2c7e049b7ff62a3962b3e94d1274d163ff6

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 803ms
146ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.7693216619120051
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a27702f6bd0a38c80b2add3cdd5ae34c261587576919947bf434181e9b1e8bfc

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
4 KB 985ms
181ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&p_screen_res=1600x1200&site_id=205444&zone_id=1011818&kw=rp.fastlane&tk_flint=index&rand=0.25729645889718267&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 3fceb28831104bdd18fa137c8b403b38f7b7b997d44bbf4dd913747519d83955

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 2529
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
208 B 28ms
25ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 01 Sep 2020 19:14:45 GMT
server: cloudflare
status: 204
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
cf-ray: 5cc150e9cd66ee07-CDG
access-control-allow-headers: Content-Type, Origin
cf-request-id: 04ecb0e61e0000ee0748b0e200000001

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
683 B 1306ms
98ms XHR
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13452923&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=ZNAs4h9S&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.77:80
AN-X-Request-Uuid: 60b36feb-6e9b-4599-97fd-01dca883278c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
684 B 1304ms
96ms XHR
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13452926&size=728x90&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=7pabgpO3&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid: 2484786f-6a9f-49e8-b90f-2f248996a631
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
684 B 1310ms
102ms XHR
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13452924&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=2br1SeV2&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: 50d7ac87-1f59-49af-9422-00250b3507eb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 0
683 B 1303ms
96ms XHR
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=13452918&size=300x250&callback=headertag.AppNexusHtb.adResponseCallback&callback_uid=Sspo3f2x&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid: e0d86911-b5fb-41df-9d9a-3f0a0401a331
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
461 B 533ms
209ms XHR
text/javascript 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=157269&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A96908383%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%229%22%2C%22siteID%22%3A%22268336%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22268337%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22268340%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22268341%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22268338%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22268332%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22268333%22%7D%2C%22id%22%3A%227%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cd0fd416-4099-4bd6-b9fa-e46e30fddd8e%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222020-09-01T19%3A14%3A45%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c0caa5aeb8a0133a133970dca37bb3fb6088143793e0ce006afeb42d5c423362

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:45 GMT
content-encoding: gzip
server: Apache
status: 200
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 86
expires: Tue, 01 Sep 2020 19:14:45 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 1439ms
136ms XHR
application/javascript 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439257&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=xmjETNI0&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5bbc67c800c327807c568452d9db582aae2996ca68d20173720872261c68de70

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: 2fec5b40-2e3f-465d-8348-d1929c5dcd0a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 1522ms
220ms XHR
application/javascript 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439268&size=728x90&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=0Fqx1Ed3&psa=0&promo_sizes=970x250&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c5fbe12f879fa71da4e1e929a142e80a922bfc106d2aab3187fe6fea1b1cd581

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: 8c0d7446-62f4-4375-ad6c-cd1bed7ed95b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 1461ms
157ms XHR
application/javascript 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439260&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=8Pg8tk5x&psa=0&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

71c6735104f696b9df1ab2210f2ad51e7563217b1eb687222f6cf7e291fcce0c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.41:80
AN-X-Request-Uuid: a8ac6e03-7e85-45d9-899e-1f2ad44eb981
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK jpt Show response
secure.adnxs.com/ 100 B
1 KB 1552ms
243ms XHR
application/javascript 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/jpt?id=14439248&size=300x250&callback=headertag.DistrictMHtb.adResponseCallback&callback_uid=HeOUBENe&psa=0&promo_sizes=300x600&referrer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bab679a1f23709b1c689eda8d14a1b975d5617685febf16959e446e4e5758b24

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid: 10f2ad46-00e6-4256-a692-f12b1aebbb58
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 100
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 bid
prometheus-ix.eyereturn.com/prometheus/ Frame 0
0 632ms
561ms Other 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Protocol: H2
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.thestar.com
access-control-max-age: 86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
pragma: no-cache
server: Prometheus 1.0.8
date: Tue, 01 Sep 2020 19:14:45 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 200 bid Show response
prometheus-ix.eyereturn.com/prometheus/ 51 B
117 B 616ms
560ms XHR
application/json 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash: 6b09f12b9b29af461a04e89551d6a13fc90cff03385e8a6f191b80a4fdb67435

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:46 GMT
via: 1.1 google
server: Prometheus 1.0.8
access-control-allow-headers: Origin
status: 200
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 51
expires: 0

POST
H2 200 bid Show response
prometheus-ix.eyereturn.com/prometheus/ 51 B
342 B 174ms
174ms XHR
application/json 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash: bb8ddd655ebdf751680bd85682e43c5510457587acd381d347d30e5fef655669

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:46 GMT
via: 1.1 google
server: Prometheus 1.0.8
access-control-allow-headers: Origin
status: 200
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 51
expires: 0

POST
H2 200 bid Show response
prometheus-ix.eyereturn.com/prometheus/ 51 B
117 B 556ms
556ms XHR
application/json 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash: 753a325914a51c3f60d45d555749c763feb4b1bc9d009f1060985eef2dff5e32

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:46 GMT
via: 1.1 google
server: Prometheus 1.0.8
access-control-allow-headers: Origin
status: 200
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 51
expires: 0

POST
H2 200 bid Show response
prometheus-ix.eyereturn.com/prometheus/ 51 B
117 B 554ms
554ms XHR
application/json 35.190.25.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prometheus-ix.eyereturn.com/prometheus/bid
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.25.50 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 50.25.190.35.bc.googleusercontent.com
Software: Prometheus 1.0.8 /
Resource Hash: a16e92f72529606b27372ecd34993ee9a1903f6480f1e7413eb6725d1b85b796

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:46 GMT
via: 1.1 google
server: Prometheus 1.0.8
access-control-allow-headers: Origin
status: 200
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 51
expires: 0

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame D63E 0
0 38ms
37ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=b846aece-0593-4d62-982b-779a22b235ef&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.193.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=b846aece-0593-4d62-982b-779a22b235ef&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com/?redirect=true
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=3ce2a745-650c-0fde-11b8-6456672fb8df|1598987685
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thestar.com/?redirect=true

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=3ce2a745-650c-0fde-11b8-6456672fb8df|1598987685; Version=1; Expires=Wed, 01-Sep-2021 19:14:45 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1598987685|mOgegqnskin0vNomiygu; Version=1; Expires=Wed, 16-Sep-2020 19:14:45 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.193.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 01 Sep 2020 19:14:45 GMT
content-type: text/html
content-length: 548
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Sep 2020 19:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Sep 2020 19:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
941 B 581ms
547ms XHR
text/plain 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3955123324218601&correlator=2612945284144508&output=ldjh&impl=fifs&eid=21066031%2C21065976%2C21066904%2C21067272%2C21067282%2C21067027&vrg=2020082701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200901&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C1x1%2C1x1%2C728x90%7C970x250%7C940x230&ists=4&prev_scp=pos%3D1%26m_mv%3D60%2C50%2C40%2C30%2C20%2C10%26m_gv%3D40%2C30%2C20%2C10%26ix_rubi_om%3D300x600_8%26ix_rubi_id%3D_qXfe4tGl%7Cpos%3D2%26m_mv%3D50%2C40%2C30%2C20%2C10%26m_gv%3D40%2C30%2C20%2C10%7Cpos%3D2%26m_mv%3D40%2C30%2C20%2C10%26m_gv%3D40%2C30%2C20%2C10%7Cpos%3D3%26m_mv%3D30%2C20%2C10%26m_gv%3D40%2C30%2C20%2C10%7Cpos%3D4%26m_mv%3D20%2C10%26m_gv%3D20%2C10%7Cpos%3D2%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%7Cpos%3D1%26m_mv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10%26m_gv%3D80%2C70%2C60%2C50%2C40%2C30%2C20%2C10&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26tkspo%3D12%26env%3Dbeta%26testing%3Dlazy%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno&cookie_enabled=1&bc=31&abxe=1&lmt=1598987686&dt=1598987686413&dlt=1598987681443&idt=3819&frm=20&biw=1600&bih=1200&oid=3&adxs=1047%2C1047%2C436%2C436%2C436%2C0%2C0%2C436&adys=1014%2C2699%2C5469%2C6633%2C9697%2C10629%2C0%2C0&adks=1330620275%2C1330620272%2C3893840797%2C3893840798%2C3893840799%2C2173569414%2C2173569469%2C1368254111&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dssz=76&icsg=816320448&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=328x288%7C328x288%7C756x128%7C756x128%7C756x128%7C1600x0%7C1600x0%7C1600x90&msz=300x250%7C300x250%7C728x90%7C728x90%7C728x90%7C1x-1%7C1x-1%7C1600x90&ga_vid=317915704.1598987683&ga_sid=1598987686&ga_hid=272721891&fws=512%2C512%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

36cb8f2a46cb7bd3baa9669fb3430fd2d9cb40bae73edab946129de92427a37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
af480b5e882dba2da434d044020692d6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 76ms
42ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://af480b5e882dba2da434d044020692d6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
7ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
339 B 384ms
63ms XHR
text/plain 95.100.197.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=157269&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/181778-254412191205210.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 01 Sep 2020 19:14:46 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 01 Sep 2020 19:14:46 GMT

GET
H2 200 q3-shop-low-v2 Show response
www.thestar.com/api/overlaydatarule/ 17 KB
17 KB 108ms
108ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/q3-shop-low-v2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

55ce7fd06bdea72a926cdda65897715c0d80ec6fcebaca6578455d3e891a7baa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:10:17 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
age: 269
status: 200
etag: W/"4419-BTTCX0qM0H8hQDrcRkA1KpdaYbg"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
content-length: 17433
x-amz-cf-id: Fx5aRiiDVnp6EKMacg7BYE3ZCcURUHK9N6tQEXw3nMAFHNjoIXqmvg==

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 29 KB
29 KB 105ms
104ms XHR
application/json 13.226.145.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.64 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-64.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

93b01b3d95f622218fff8a190e55c92f0e55f7cb4f3754c50a15fe87a291c471

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:13:22 GMT
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
server: Apache
age: 84
status: 200
etag: W/"7393-O38hb8lTns597Ie+PsGvGGEVzmE"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180, no-cache="set-cookie"
x-amz-cf-pop: DUS51-C1
content-length: 29587
x-amz-cf-id: Yt6wQ67rsokGZO0cNlmBycjCdr8UGnwSkaR-sBsEsLXW7NJc6IARkw==

GET
H/1.1 200
OK JSONP Show response
emeter-nam.mppapi.io/probes/ 28 B
212 B 457ms
123ms Script
text/html 3.220.111.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://emeter-nam.mppapi.io/probes/JSONP?Cookie=AccessToken=idv2kekbzfn2goh3x2xuocakgqgxlmlrg&content=frontpage&REQUEST_URI=https://www.thestar.com/&X-TokenId=A3E8650F772B49B69E044DAC39BE3AD3&callback=__jp0
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendor.chunk.js?v=ac2ca55e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.111.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 4fbb8174a6c6b8d4589233c6993485db7e8d9169a0a09210bd6faeeed14705d4

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Sep 2020 19:14:47 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Length: 48
Content-Type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 34ms
20ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c919ce97aa5db465d3404dede8a005a697421bff66c95910712691def489f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 01 Sep 2020 19:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6181
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 01 Sep 2020 19:14:47 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame AA89 0
0 27ms
13ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thestar.com/?redirect=true
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.thestar.com/?redirect=true

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 01 Sep 2020 19:09:28 GMT
expires: Wed, 01 Sep 2021 19:09:28 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 319
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
165 B 41ms
40ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020082701&jk=3955123324218601&bg=!QUKlQlpYvimhIoQ-MwYCAAAAbVIAAAAOCgCzykGM3FSh1DQ5G0AhpvGrZg_do_Hy2czBhx6EK7lvEwadfe5tZaaJWRAukNaHnERdh1aGqOHeevWM1lpMhxMYVLNRxp_WJqY7Ur16geuWqErbWyozAO0fHiiTk184jDfIW9aCawCLg6sak32LD5pPH3mZcX1nrlRoPHImu7YoeC4XzYZR4qHv59rSG1ViFw1D5fXumTn8Vopq8pW2J4gKAFkNNoc0YBvw5FqF8x2vJxGMi9WZAab17R2IhHWvaRC_Xa2H2e7wyDV-XbaDz7Qr2XN4IcBOuo63Fz2JovgUjC4NOMmQtXZ88zQ_JtSm68tZLad54r40MSHJMIltx---yYXKm5JhjwioBmdSxIAsfKAx6nCEbvTLdGMSvnnAxE-Cxw7C8dx0zpdRvSbfiJ4BKF0MdoNC-DDLHpgUehVmk3pVRvpzpZrbiuUWedz5SrJHah1vtOiOCQYcSY9TJLYW-q329b3d_TSK1GJWm3iB50hEeMd9XyYfH2ZEQCKi519PfR3dAZT_fs4bP6o7JfOV4bE4rgmgQo03FttDPBTTk4Qldwr1uQ4iJ-00Rz-s08jbjEeRwOr7gQPOY7Ei_lppZDNlL5FnusZHzoP69maKCHEfbacS4rrduLemlCY3fRbJIUYCEiLCICN75k49kasBzZEmbNIjgBqSi3P1GXIF-b80xCseMhcr0FmjXjN_12lpsFW2GscbIgJdIy2JuE97S0boFy2nnetTEOulYQiR3zPcus0u1MD31flUEKhoFGnVLAadT5gntSFh0NnVpiAEXYsBc0oV-kB51VXkiw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 erguid Show response
cm.eyereturn.com/ 2 B
83 B 118ms
118ms XHR
application/javascript 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.eyereturn.com/erguid

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:47 GMT
via: 1.1 google
status: 200
p3p: policyref="http://voken.eyereturn.com/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: https://www.thestar.com
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/javascript
alt-svc: clear
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 erguid Show response
cm.eyereturn.com/ 2 B
65 B 118ms
118ms XHR
application/javascript 35.186.239.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.eyereturn.com/erguid

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.239.238 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Sep 2020 19:14:47 GMT
via: 1.1 google
status: 200
p3p: policyref="http://voken.eyereturn.com/w3c/p3p.xml", CP="NOI DSP NID PSAo PSDa OUR STP IND UNI COM NAV"
access-control-allow-origin: https://www.thestar.com
cache-control: no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/javascript
alt-svc: clear
x-xss-protection: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 RC386e65db425d4f1988262e7405cfb0be-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/ 12 KB
5 KB 32ms
31ms Script
text/javascript 13.224.193.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/RC386e65db425d4f1988262e7405cfb0be-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81e58fd515d31f6b56962df7ba19ea358633f7f45f905ddd1646fba6730f06e7

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: nUqhp4nM4R_kMZnj.SzFoHO5q_faUU2e
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 15:12:04 GMT
server: AmazonS3
age: 68438
etag: "299e6496176e0ca74d68c2aee7e9f5f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
date: Tue, 01 Sep 2020 00:14:10 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VVFdyFgZig_BCAWuEEa1HzelvJ1r-25YeYX8z_ZlVK6uELSt7QgbPQ==
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)

GET
H2 200 RC894f8dbe64224954b1a4935ebb10f42c-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/ 1 KB
1 KB 29ms
29ms Script
text/javascript 13.224.193.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/ba42dc43ec49/RC894f8dbe64224954b1a4935ebb10f42c-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf50a92e22ab7ffebd11d05401c6803f94bd765f4d9781cafc15fc75c6693eb4

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: _uempgHtxp8yiFl0GKmr5dOhhGlZfQsI
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 15:12:04 GMT
server: AmazonS3
age: 68438
etag: "d6ba55374d517c6fafca4725243b8772"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
date: Tue, 01 Sep 2020 00:14:10 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Jcci-_ySOwCBRxziZzR1fDw7QlkGzzjhwICQjIH3jw_d89nDZBcBjA==
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)

GET
H2 200 s45005779287463
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.20.0-LAUN/ 43 B
244 B 39ms
39ms Image
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.20.0-LAUN/s45005779287463?AQB=1&ndh=1&pf=1&t=1%2F8%2F2020%2021%3A14%3A47%202%20-120&mid=17902815095235589154247650036614669944&aamlh=6&ce=UTF-8&ns=torstardigital&cdp=2&fpCookieDomainPeriods=2&pageName=thestar%7Chome&g=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cc=CAD&ch=home&server=thestar.com&events=event72&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=D%3D%2B%22thestar%7C%22%2Bh2&l1=D%3Dv28&c2=home&v2=D%3Dc17&h2=home&c4=D%3Dg&v4=D%3Dg&c9=thestar.com%20%7C%20the%20star%20%7C%20canada%27s%20largest%20daily&v15=landscape&v16=false&c17=new%7Cnew&c18=no&c19=D%3Dserver&c24=desktop&c26=not-specified&v29=https%3A%2F%2Fwww.thestar.com%2F&c43=national&v43=%3B&v46=q3-shop-low-v2&v49=D%3DpageName&c51=no-adblock-detected&c55=D%3Dmid&c56=no&c57=home-v1&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:47 GMT
x-content-type-options: nosniff
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 02 Sep 2020 19:14:47 GMT
server: jag
xserver: anedge-75d94f685-sm47q
etag: 3433799911271137280-4614265355744186108
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 31 Aug 2020 19:14:47 GMT

GET
H2 200 s46519610852335
s.thestar.com/b/ss/thestarbrowser/1/JS-2.20.0-LAUN/ 43 B
209 B 38ms
37ms Image
image/gif 15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.thestar.com/b/ss/thestarbrowser/1/JS-2.20.0-LAUN/s46519610852335?AQB=1&ndh=1&pf=1&t=1%2F8%2F2020%2021%3A14%3A47%202%20-120&mid=17902815095235589154247650036614669944&aamlh=6&ce=UTF-8&ns=torstardigital&cdp=2&fpCookieDomainPeriods=2&pageName=Home&g=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&cc=CAD&ch=Home&server=thestar.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=Home&h1=Home&l1=D%3Dv62&c2=D%3Dv2&c3=D%3Dv3&c4=D%3Dv4&c6=D%3Dv6&c7=D%3Dv7&c8=D%3Dv8&c10=D%3Dg&v10=D%3Dg&c11=D%3Dv11&c12=D%3Dv12&v12=section&c13=D%3Dv13&c14=D%3Dv14&c15=D%3Dv15&c16=D%3Dv16&c17=D%3Dv17&c18=D%3Dv18&c24=D%3DpageName&c44=D%3Dv44&v44=New&c45=D%3Dv45&v45=https%3A%2F%2Fwww.thestar.com%2F&c51=D%3Dv51&v51=national&c52=D%3Dv52&c56=D%3Dv56&v56=logged%20out&v58=%3B&c60=D%3Dmid&c62=no&c63=desktop&c64=home-v1&c66=landscape&v75=q3-shop-low-v2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:48 GMT
x-content-type-options: nosniff
x-c: master-1346.I9098b4.M0-442
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 02 Sep 2020 19:14:48 GMT
server: jag
xserver: anedge-75d94f685-46wqc
etag: 3433799913418620928-4614404224384828365
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 31 Aug 2020 19:14:48 GMT

GET
H2 200 549886031832745 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 74ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

288d82b095ced1edc385e9b7cff8cbbc75dec1e76720df83464e6fc192c0c157

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: gMv1mI1X5wnGnQGgpERPgPgOUD2jjGne/WIh/mcpUw1CLr6l1gySFDLPvvKfVSpXXW8aSNfp+LyK70aAX4858w==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 01 Sep 2020 19:14:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1598987688304&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1598987688303.1686572904&it=1598987688177&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 01 Sep 2020 19:14:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=Microdata&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1598987688807&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%22%2C%22meta%3Adescription%22%3A%22thestar.com%20is%20Canada%27s%20largest%20online%20news%20site.%20From%20national%20coverage%20and%20issues%20to%20local%20headlines%20and%20stories%20across%20the%20country%2C%20the%20Star%20is%20your%20home%20for%20Canadian%20news%20and%20perspectives.%20Stay%20current%20with%20sports%2C%20business%2C%20entertainment%20stories%20and%20more%20at%20thestar.com.%22%2C%22meta%3Akeywords%22%3A%22thestar.com%2C%20the%20toronto%20star%20newspaper%2C%20the%20toronto%20star%2C%20world%2C%20sports%20news%2C%20GTA%2C%20Toronto%2C%20Canada%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22thestar.com%20%7C%20The%20Star%20%7C%20Canada%27s%20largest%20daily%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.thestar.com%2Fassets%2Fimg%2Fthestar-ribbon.png%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%22%2C%22og%3Asite_name%22%3A%22thestar.com%22%2C%22og%3Adescription%22%3A%22thestar.com%20is%20Canada%27s%20largest%20online%20news%20site.%20From%20national%20coverage%20and%20issues%20to%20local%20headlines%20and%20stories%20across%20the%20country%2C%20the%20Star%20is%20your%20home%20for%20Canadian%20news%20and%20perspectives.%20Stay%20current%20with%20sports%2C%20business%2C%20entertainment%20stories%20and%20more%20at%20thestar.com.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1598987688303.1686572904&it=1598987688177&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Sep 2020 19:14:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 01 Sep 2020 19:14:48 GMT

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/ 35 B
93 B 128ms
127ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/a115e395-c1f9-463d-b747-ae3fb6ed8f60/__activity.gif?e=stuck_10s&ct=thestar.com+%7C+The+Star+%7C+Canada%27s+largest+daily&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=13739&blst=2591&ist=3735&iet=3739&ts=1598987693987&jsk=q9fqmmutk5a97trs&jsv=20200808&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=a115e395-c1f9-463d-b747-ae3fb6ed8f60&sid=287bb719-ac76-4dab-871a-ff69ff097d24&pvid=063d03c3-7953-4fef-dc6c-a8a22903cbd0&ua=Mozilla%2F5.0+(Macintosh%3B+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F83.0.4103.61+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.9&tzo=-120&w=null&source=null&sdk=bc-pixel
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 01 Sep 2020 19:14:54 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: clear
content-length: 35
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.thestar.com/	1970-01-20 05:40:59	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 870038026%7CMCIDTS%7C18507%7CMCMID%7C17902815095235589154247650036614669944%7CMCAAMLH-1599592483%7C6%7CMCAAMB-1599592483%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1598994884s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18514%7CvVersion%7C5.0.0
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
www.thestar.com/	1970-01-19 12:09:47	Name: vwo-lazyload-ad-flag Value: true
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1598987684061
.thestar.com/	1970-01-19 12:09:49	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1598987684028%2C%22slts%22:0}
www.thestar.com/	1970-01-19 20:55:23	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.thestar.com/	1970-01-20 05:40:59	Name: s_ecid Value: MCMID%7C17902815095235589154247650036614669944
.thestar.com/	1970-01-19 21:39:11	Name: _parsely_visitor Value: {%22id%22:%22pid=ca21fa505b9129ea36090bf55f7da54f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1598987684028}
.thestar.com/	1970-01-19 20:55:23	Name: _ig Value: a115e395-c1f9-463d-b747-ae3fb6ed8f60
.demdex.net/	1970-01-19 16:28:59	Name: demdex Value: 17894407603682857054251303885942488178
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: 287bb719-ac76-4dab-871a-ff69ff097d24
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.www.thestar.com/	1970-01-19 14:19:23	Name: _rdt_uuid Value: 1598987683965.1f886c5c-84e6-4de4-84b0-cd8a03b75cc2
www.thestar.com/	1970-01-19 12:52:59	Name: AccessToken Value: idv2kekbzcs7znzte8olahl9mox0gmqfb

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.thestar.com/static/bundle.js?v=2fd58339(Line 1) Message: script loaded!
console-api	log	URL: https://www.thestar.com/static/bundle.js?v=2fd58339(Line 1) Message: [object Event]
console-api	log	URL: https://sr.studiostack.com/v3/services(Line 1) Message: location unchanged [object Object]
console-api	log	URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget.html(Line 607) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adserver.pressboard.ca
adservice.google.com
adservice.google.de
af480b5e882dba2da434d044020692d6.safeframe.googlesyndication.com
alb.reddit.com
analytics.twitter.com
api.rlcdn.com
api.thestar.com
as-sec.casalemedia.com
bam.nr-data.net
bat.bing.com
cdn.parsely.com
cdn.petametrics.com
cm.everesttech.net
cm.eyereturn.com
cm.g.doubleclick.net
connect.facebook.net
d1nxn87txdj54y.cloudfront.net
d1v9u0bgi1uimx.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
dmx.districtm.io
dpm.demdex.net
emeter-nam.mppapi.io
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hb.districtm.io
htlb.casalemedia.com
images.thestar.com
js-agent.newrelic.com
js-sec.indexww.com
match.adsrvr.org
mb.moatads.com
misc.thestar.com
o2.eyereturn.com
p3.eyereturn.com
pagead2.googlesyndication.com
platform.twitter.com
prometheus-ix.eyereturn.com
px.ads.linkedin.com
px.moatads.com
query.petametrics.com
raw.githubusercontent.com
resources.eyereturn.com
resources.thestar.com
s.thestar.com
s3.amazonaws.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sejs.moatads.com
snap.licdn.com
sr.studiostack.com
srv-2020-09-01-19.pixel.parsely.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
thestar.com
torontostar-d.openx.net
torontostarnewspaperslimited.demdex.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
z.moatads.com
104.111.215.135
104.16.190.66
104.244.42.133
104.244.42.195
13.224.193.15
13.224.193.35
13.224.193.39
13.225.78.61
13.225.84.166
13.226.145.123
13.226.145.64
13.35.255.237
143.204.101.34
143.204.208.100
146.88.138.85
15.188.154.177
151.101.112.133
151.101.112.157
151.101.114.110
162.247.242.19
172.217.18.162
185.33.221.89
192.206.150.106
199.232.53.140
216.58.206.2
23.37.53.17
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:81f::2001
2a00:1450:4001:821::2001
2a00:1450:400c:c0c::9c
2a02:26f0:10c:48b::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
3.10.67.84
3.220.111.220
34.96.102.137
34.98.64.218
35.186.239.238
35.190.14.224
35.190.25.50
35.244.174.68
40.71.11.164
52.217.47.30
52.30.78.155
52.72.211.240
54.229.91.186
63.32.152.233
66.117.28.86
69.173.144.143
95.100.197.246
95.100.197.53
95.100.70.75
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828
0085dc93377519ee43bf8c1cc8367f60d87b5537af9c7a7e6b02c5db8c65037e
03469b64341c00b83579cc88a6ccb51601d87a2c7f5b68c5e4d5ee7e96d2f241
0464c941eca2b744b11070c32daf15e11e6166751c9060207ea5edd3cebdd994
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06de7a963eb7c647e35c59fac727265b316e112e298cd0d2318da314efdc6a3a
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
0c682936b1999069c3a668d8f5603da6d9a3fed2b718915ee2f1615da70e87bd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121eabad154345bcd867bb65e806914e5596535fd47e1b3e5256b80a3521e13b
133d99ecc7e1f65d2e0bdc9d04fae746f2e9b820213b2a2df7fed60ba073475e
16d3d12f94cb57adf13852a17da9cd977b449c5abf0d1cd16651c907dc0f4e11
1a00ec901bb235ad2a8211954f9b3b9aeb27223cc0dc157dfc8f38a288b998bc
1d15b182ff351c118537ef460a31ba46f78fa762ec6f4e980a99dd6d9421847c
1da99f34955d61c70e7980406f1692f1a0f3c838b777fc6afafb060614998886
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
27dc7740b3c9b15381f36b0bd23ca2c7e049b7ff62a3962b3e94d1274d163ff6
288d82b095ced1edc385e9b7cff8cbbc75dec1e76720df83464e6fc192c0c157
2aee42d0a47fbcddc983fb79e7878b4a888b3e3f4d3fce227e3a15d2ae2316cb
2eac111f3964df8815ea76680a9f84f46a7716f6ab5bccddf0309bcf5bc09406
3005d413536a040c9b38dc7e7065ff922e85846b28ea78a4951927eb94cc1a6a
36cb8f2a46cb7bd3baa9669fb3430fd2d9cb40bae73edab946129de92427a37d
38aca3bbb23de0021f23f452001fde8c0572aeb05d468a20e5a31f71482bfe4b
3fceb28831104bdd18fa137c8b403b38f7b7b997d44bbf4dd913747519d83955
40ec37e4cc819c782303c935a3eefcd7a555500d25960c99dfe236098eb93fee
41ab17884b85615b28665ca7c61f8030f0016b6f4119e24e8704fa4980ea0ef9
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43caeb3e87603abaebd386740be1d23028eece94cd2f7f3b8a66e09694e43a4a
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4c1707b36726345f0279a136d33a53bcc7b7fa2f13b5b2eb781ba04e594ee245
4c919ce97aa5db465d3404dede8a005a697421bff66c95910712691def489f85
4f1dda5ec79ce75f376620c0b43607e3cd122b826130c455d96fada2f79298b4
4fbb8174a6c6b8d4589233c6993485db7e8d9169a0a09210bd6faeeed14705d4
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
51b5b21255635740067ed9c7de9824fa49babd7fc5e2c5ddadf9bf8d37a9909b
55504393e7d97afe007fbc6332d2128502ed804e36e054f1fa3a0fc94ad66ec8
55ce7fd06bdea72a926cdda65897715c0d80ec6fcebaca6578455d3e891a7baa
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
56be4489371b139867bae6ce84da26f4e9c61dd13085c441b93581f6f64484bf
57f7bcb1b9f13f309a96266661497a2d1fbc303604bb587aa659b0a2fa356c3d
5813a47c656f1341389c2c80ba1f8fcb89726a42271678f69f55bb52d9472ec0
5bbc67c800c327807c568452d9db582aae2996ca68d20173720872261c68de70
5c04dfc7f668ad410b61e26c92b799114093db101c23e4fe41dcf16e4ab1c588
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
5d3230127ec33ca8c34b167efb260f829f017ecbf2a2453be07aabb80aaad670
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
66420283f03f88e268b56199478822906f80c70a46e679d5c1bc0f761b5f038e
6857cc8e3a69db207d552a102377c7fed752998d141984b5f3c66de502b3b9fc
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b09f12b9b29af461a04e89551d6a13fc90cff03385e8a6f191b80a4fdb67435
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
71c6735104f696b9df1ab2210f2ad51e7563217b1eb687222f6cf7e291fcce0c
73a4e23a57acebbfd35b9b3d150f3a585c29be0ccfddd69ff524dbceda7c8939
753a325914a51c3f60d45d555749c763feb4b1bc9d009f1060985eef2dff5e32
79a85dff191a649a1406d7bd4207028eb32bda0f280e4f1983bf9de41dbaa92b
7a747152c49590700fc14ccd71408ea3b979333f791260762fc5b8a1d8fd8a77
81e58fd515d31f6b56962df7ba19ea358633f7f45f905ddd1646fba6730f06e7
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8436f75dfe4abeef26e1542ef77ee103e7da39ec631f1dd0850f3e743691ecb1
8a5025196acb05a5aaee886714c31a4658e49f5a7539e4d8838494c567b87244
9138c10b97eedce61ea0669ec706fc57d055ba566cbf051f88f9f60c146a1968
93b01b3d95f622218fff8a190e55c92f0e55f7cb4f3754c50a15fe87a291c471
9422778dbd7f19fe073fcb19c4cbaf634e3df0147d3fe076a7f9e63e2fd3dfb6
9474557b14923e78c9b0b7b44bccd0d7018187fb0150095946932a071f155933
977ba5a6db6fa2c3c6122a34e75a6559b3c3c6f0cc25d5863c06718d5d9393cc
98455934487df28a62d9947aa6f4e2214bc96accfbb88a28aa2e397b9434b507
9c744736ba88a78801a6da1dd9e874b2dabe4ca07632e185bc81932f206aae11
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834
9cd8eec15e7d2176df3021c1e1efa955d866bfd04dfda82821e8ae98c7990173
9d1d20907ba83d3f3470e59e4304e94a093514d204330dde7afea7056c13febd
9f0dc60647ef284fb7f35fd44c1c4389d993ad3383ae0cb9256b1e6bec5345aa
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a16e92f72529606b27372ecd34993ee9a1903f6480f1e7413eb6725d1b85b796
a1dd36919325e074f1ef32afb1af944c32b3c3b37711a0afd24827daabd847bd
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a27702f6bd0a38c80b2add3cdd5ae34c261587576919947bf434181e9b1e8bfc
a33a0675bba4907770c1cd92acab77ac90764e8c698a63200c974af07cbb8259
a47585e824e064080ed966d1b35744a6cd1e8b965c89de402528bc14adb55011
a5e26192eda8b6a0667ea08657fe7d65ff360490fb16ab7a3124164044be591a
a9be51629f04c0ac546d3c47e2f06e819f577b95d51b36b81a38ea3196c77ee6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0ab2f21243b940db6c6b986e1cedb149ffcc296b62b326e9214366585d1040d
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
bab679a1f23709b1c689eda8d14a1b975d5617685febf16959e446e4e5758b24
bb8ddd655ebdf751680bd85682e43c5510457587acd381d347d30e5fef655669
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
bf50a92e22ab7ffebd11d05401c6803f94bd765f4d9781cafc15fc75c6693eb4
bf72a72b82528382a139fe56546c4494dd64e82706c2cbef91739445ca6a3fbb
c0159d71bfd21f50878f12b283950402c6364354bcd559af9accc22191dddb5b
c0caa5aeb8a0133a133970dca37bb3fb6088143793e0ce006afeb42d5c423362
c356c258bb807439b3546c08829c09b5d354aaa03621bc698a03c091f889552d
c5fbe12f879fa71da4e1e929a142e80a922bfc106d2aab3187fe6fea1b1cd581
c702ffb46573278d0f6c63c04178448cb45a0c8e9fb357a9529470ad10b1fac1
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
cbdd0b7da79a1b419214ebbbbfe3d228ba35974e4580376a47618e2966e71371
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d46ed64f5306f60810a0bb3fda0b6c9cfdb553878abc7bf68320ca1309f2a73f
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d970d81ebaca9550322341019025a9864e4d01ac3452b1d50ad128ac03f2cb7a
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db8b6f78d1ac8abe5f58916b21eb3b9a2574a20054b8849071edf99608469e3c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df86c427a8bc567996b69e231653e600f24a057a2f59f017131ed368f73fb228
e04bcc5dba6b1111f97104574d0074b53b649b0eb815ce17548af5180c20b279
e28062146eb4a7f4fef812a9d2283fc90f20954302fe714b7af29c5c6cf1ee52
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1708300bcd67dc8342625b22cda07bb7d1552eb30ce92cd82c4dac0a05fb988
f43ed67b5dbe01a3b359d5af3077afe6543a88bc32088c322171335e09b39e76
f523e3e4420a4f9bdbeb2dd744a4de9014af64872091bc9746a31b6c8599d743
f6b26dced3ed21913706b5d0c6e9c60b9528fc5582b6e20f792c254eca09ce7c
f82724ec6ff16b85be5f22b34d6edfabf610807e06f3dc9c86e57c7bf39ad3c7
f96d6e2e4e64f12ff09df4162fc99a9f6753d9dd2e845042aa92795ff90ad7e3

www.thestar.com Open in urlscan Pro 13.226.145.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

180 Requests

100 %HTTPS

26 %IPv6

44 Domains

72 Subdomains

57 IPs

9 Countries

2683 kBTransfer

9602 kBSize

14 Cookies

19 Outgoing links

Page URL History

Redirected requests

180 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
13.226.145.64 Public Scan

Screenshot
Live screenshot

Full Image

180
Requests

100 %
HTTPS

26 %
IPv6

44
Domains

72
Subdomains

57
IPs

9
Countries

2683 kB
Transfer

9602 kB
Size

14
Cookies

180 HTTP transactions
0 data transactions