urlscan.io logo urlscan.io
SecurityTrails logo

www.thestar.com Open in urlscan Pro
192.104.182.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.thestar.com/news/canada/article/835932--statscan-recommended-move-to-voluntary-census-clement-says
Effective URL: https://www.thestar.com/
Submission: On January 18 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 6 countries across 83 domains to perform 332 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 263477.
TLS certificate: Issued by WR1 on December 27th 2024. Valid for: 3 months.
This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 11 192.104.182.109 10668 (LEE-ASN)
53 104.16.132.24 13335 (CLOUDFLAR...)
12 142.250.65.232 15169 (GOOGLE)
1 2 172.67.41.60 13335 (CLOUDFLAR...)
5 13.107.246.40 8075 (MICROSOFT...)
11 142.251.40.226 15169 (GOOGLE)
1 23.201.191.176 16625 (AKAMAI-AS)
5 142.250.80.4 15169 (GOOGLE)
1 172.217.165.129 15169 (GOOGLE)
2 108.138.128.46 16509 (AMAZON-02)
1 64.233.180.84 15169 (GOOGLE)
4 142.250.176.206 15169 (GOOGLE)
20 3.168.102.4 16509 (AMAZON-02)
1 142.250.72.106 15169 (GOOGLE)
3 108.138.112.90 16509 (AMAZON-02)
1 3.168.102.52 16509 (AMAZON-02)
1 104.21.96.1 13335 (CLOUDFLAR...)
4 104.26.2.70 13335 (CLOUDFLAR...)
3 142.251.41.6 15169 (GOOGLE)
3 142.251.40.99 15169 (GOOGLE)
1 142.250.81.227 15169 (GOOGLE)
2 18.212.140.196 14618 (AMAZON-AES)
3 54.149.27.21 16509 (AMAZON-02)
1 151.101.193.229 54113 (FASTLY)
1 2 69.147.82.61 14779 (YAHOO)
2 130.211.23.194 396982 (GOOGLE-CL...)
4 104.26.6.141 13335 (CLOUDFLAR...)
10 142.250.65.206 15169 (GOOGLE)
1 35.173.157.167 14618 (AMAZON-AES)
1 107.23.101.61 14618 (AMAZON-AES)
1 2 104.17.248.203 13335 (CLOUDFLAR...)
2 3.223.61.24 14618 (AMAZON-AES)
1 104.21.50.90 13335 (CLOUDFLAR...)
1 13.35.93.44 16509 (AMAZON-02)
1 18.209.41.108 14618 (AMAZON-AES)
2 44.235.40.149 16509 (AMAZON-02)
5 13.226.38.199 16509 (AMAZON-02)
5 142.251.40.142 15169 (GOOGLE)
3 142.251.179.155 15169 (GOOGLE)
5 142.251.32.98 15169 (GOOGLE)
4 142.251.40.131 15169 (GOOGLE)
1 108.138.128.124 16509 (AMAZON-02)
2 57.144.180.128 32934 (FACEBOOK)
1 151.101.44.157 54113 (FASTLY)
3 151.101.65.140 54113 (FASTLY)
2 23.57.90.113 20940 (AKAMAI-AS...)
3 150.171.27.10 8075 (MICROSOFT...)
2 23.56.163.34 16625 (AKAMAI-AS)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 2 68.67.179.153 29990 (ASN-APPNEX)
1 54.84.241.218 14618 (AMAZON-AES)
2 3 35.186.253.211 15169 (GOOGLE)
1 207.65.37.179 62713 (AS-PUBMATIC)
1 3 104.18.26.193 13335 (CLOUDFLAR...)
1 69.173.146.10 26667 (RUBICONPR...)
3 44.206.254.236 14618 (AMAZON-AES)
1 2 142.251.35.166 15169 (GOOGLE)
1 142.250.72.98 15169 (GOOGLE)
1 40.70.4.53 8075 (MICROSOFT...)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
1 151.101.129.140 54113 (FASTLY)
1 107.23.22.141 14618 (AMAZON-AES)
1 1 44.218.102.57 14618 (AMAZON-AES)
1 18.214.33.68 14618 (AMAZON-AES)
2 157.240.241.35 32934 (FACEBOOK)
1 3 18.173.219.111 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 104.22.52.86 13335 (CLOUDFLAR...)
1 18.164.109.182 16509 (AMAZON-02)
9 57.129.37.204 16276 (OVH OVH SAS)
2 5 13.107.42.14 8068 (MICROSOFT...)
1 1 172.64.146.215 13335 (CLOUDFLAR...)
1 18.164.116.69 16509 (AMAZON-02)
2 151.101.128.84 54113 (FASTLY)
1 34.223.74.168 16509 (AMAZON-02)
12 142.251.41.2 15169 (GOOGLE)
1 141.95.98.64 16276 (OVH OVH SAS)
1 142.250.65.193 15169 (GOOGLE)
1 52.92.184.16 16509 (AMAZON-02)
6 142.251.40.97 15169 (GOOGLE)
3 52.85.61.101 16509 (AMAZON-02)
1 54.175.176.142 14618 (AMAZON-AES)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
1 151.101.193.108 54113 (FASTLY)
1 104.18.25.18 13335 (CLOUDFLAR...)
2 23.51.57.13 16625 (AKAMAI-AS)
1 23.217.173.107 16625 (AKAMAI-AS)
2 2 34.36.216.150 396982 (GOOGLE-CL...)
3 3.87.46.209 14618 (AMAZON-AES)
3 3 52.223.40.198 16509 (AMAZON-02)
1 13.249.91.104 16509 (AMAZON-02)
2 54.84.153.142 14618 (AMAZON-AES)
1 108.138.106.56 16509 (AMAZON-02)
1 13.249.93.221 16509 (AMAZON-02)
3 3.218.49.136 14618 (AMAZON-AES)
4 54.87.26.61 14618 (AMAZON-AES)
1 54.191.152.31 16509 (AMAZON-02)
1 18.204.107.182 14618 (AMAZON-AES)
7 34.209.49.24 16509 (AMAZON-02)
1 1 74.214.194.131 19189 (PULSEPOINT)
1 1 69.166.1.66 27630 (AS-XFERNET)
2 2 52.223.22.214 16509 (AMAZON-02)
1 1 23.105.12.158 30633 (LEASEWEB-...)
2 2 3.66.150.175 16509 (AMAZON-02)
1 1 23.205.72.21 16625 (AKAMAI-AS)
332 97
11    192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.us-midwest-1.vip.tn-cloud.net
www.thestar.com
53    104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
12    142.250.65.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f8.1e100.net
www.googletagmanager.com
2    172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
5    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.webtrends-optimize.com
11    142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
securepubads.g.doubleclick.net
1    23.201.191.176 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-191-176.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
5    142.250.80.4 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f4.1e100.net
www.google.com
1    172.217.165.129 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f1.1e100.net
cdn.ampproject.org
2    108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    64.233.180.84 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f84.1e100.net
accounts.google.com
4    142.250.176.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f14.1e100.net
news.google.com
20    3.168.102.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-102-4.jfk52.r.cloudfront.net
resources.thestar.com
1    142.250.72.106 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f10.1e100.net
fonts.googleapis.com
3    108.138.112.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-112-90.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    3.168.102.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-102-52.jfk52.r.cloudfront.net
cdn.viafoura.net
1    104.21.96.1 (None, )

ASN13335 (CLOUDFLARENET, US)
bt.dns-finder.com
4    104.26.2.70 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
3    142.251.41.6 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net
ad.doubleclick.net
3    142.251.40.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f3.1e100.net
fonts.gstatic.com
1    142.250.81.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net
www.gstatic.com
2    18.212.140.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-140-196.compute-1.amazonaws.com
data-sales.ccgateway.net
privacy-location-edge.ccgateway.net
3    54.149.27.21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-27-21.us-west-2.compute.amazonaws.com
pb-rtd.ccgateway.net
pb-ing.ccgateway.net
1    151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    69.147.82.61 (New York, United States)

ASN14779 (YAHOO, US)
PTR: e2.ycpi.vip.nya.yahoo.com
ups.analytics.yahoo.com
2    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
4    104.26.6.141 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.btmessage.com
api.btmessage.com
10    142.250.65.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f14.1e100.net
fundingchoicesmessages.google.com
1    35.173.157.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-157-167.compute-1.amazonaws.com
bcp.crwdcntrl.net
1    107.23.101.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-101-61.compute-1.amazonaws.com
api.viafoura.co
2    104.17.248.203 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    3.223.61.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-61-24.compute-1.amazonaws.com
dpm.demdex.net
1    104.21.50.90 (None, )

ASN13335 (CLOUDFLARENET, US)
sdk.mrf.io
1    13.35.93.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-44.jfk50.r.cloudfront.net
launchpad-wrapper.privacymanager.io
1    18.209.41.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-41-108.compute-1.amazonaws.com
i.viafoura.co
2    44.235.40.149 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-40-149.us-west-2.compute.amazonaws.com
pb-ing.ccgateway.net
5    13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net
cdn.segment.com
5    142.251.40.142 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f14.1e100.net
analytics.google.com
3    142.251.179.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f155.1e100.net
stats.g.doubleclick.net
5    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
td.doubleclick.net
4    142.251.40.131 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f3.1e100.net
www.google.ca
1    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
2    57.144.180.128 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-lga3.fbcdn.net
connect.facebook.net
1    151.101.44.157 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
3    151.101.65.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
alb.reddit.com
2    23.57.90.113 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-57-90-113.deploy.static.akamaitechnologies.com
snap.licdn.com
3    150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    23.56.163.34 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-34.deploy.static.akamaitechnologies.com
s.pinimg.com
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
2    68.67.179.153 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    54.84.241.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-241-218.compute-1.amazonaws.com
ap.lijit.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
1    69.173.146.10 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    44.206.254.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-254-236.compute-1.amazonaws.com
btlr.sharethrough.com
2    142.251.35.166 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f6.1e100.net
14475035.fls.doubleclick.net
1    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
googleads.g.doubleclick.net
1    40.70.4.53 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ots.webtrends-optimize.com
1    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)
pixel-config.reddit.com
1    107.23.22.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-22-141.compute-1.amazonaws.com
torontostarnewspaperslimited.demdex.net
1    44.218.102.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-218-102-57.compute-1.amazonaws.com
cm.everesttech.net
1    18.214.33.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-33-68.compute-1.amazonaws.com
pixel.thestar.com
2    157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com
www.facebook.com
3    18.173.219.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-111.jfk52.r.cloudfront.net
sb.scorecardresearch.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    18.164.109.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-109-182.jfk50.r.cloudfront.net
cdn.prod.uidapi.com
9    57.129.37.204 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy03.cl15.ovh.mrf.io
events.newsroom.bi
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    172.64.146.215 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
www.linkedin.com
1    18.164.116.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-69.jfk50.r.cloudfront.net
launchpad.privacymanager.io
2    151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
1    34.223.74.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com
api.segment.io
12    142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
pagead2.googlesyndication.com
1    141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    142.250.65.193 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f1.1e100.net
258556d014a647e4706d29aad01cca03.safeframe.googlesyndication.com
1    52.92.184.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3.us-west-2.amazonaws.com
6    142.251.40.97 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f1.1e100.net
tpc.googlesyndication.com
3    52.85.61.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-101.ewr53.r.cloudfront.net
geo.privacymanager.io
1    54.175.176.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-176-142.compute-1.amazonaws.com
ce.lijit.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
torontostar-d.openx.net
1    151.101.193.108 (San Francisco, United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    23.51.57.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    23.217.173.107 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-173-107.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
3    3.87.46.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-87-46-209.compute-1.amazonaws.com
match.sharethrough.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    13.249.91.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-91-104.jfk52.r.cloudfront.net
ats-wrapper.privacymanager.io
2    54.84.153.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-153-142.compute-1.amazonaws.com
prebid-a.rubiconproject.com
1    108.138.106.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-56.jfk50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.249.93.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-93-221.jfk52.r.cloudfront.net
aax.amazon-adsystem.com
3    3.218.49.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-49-136.compute-1.amazonaws.com
mia-placement-server.rubiconproject.com
4    54.87.26.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-26-61.compute-1.amazonaws.com
sync.springserve.com
1    54.191.152.31 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-152-31.us-west-2.compute.amazonaws.com
tv.springserve.com
1    18.204.107.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-107-182.compute-1.amazonaws.com
rtb.gumgum.com
7    34.209.49.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-49-24.us-west-2.compute.amazonaws.com
vid-io-pdx.springserve.com
1    74.214.194.131 (Amsterdam, Netherlands)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    23.105.12.158 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
2    3.66.150.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-150-175.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    23.205.72.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-72-21.deploy.static.akamaitechnologies.com
cs.media.net
Apex Domain
Subdomains		 Transfer
53 townnews.com
bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 26012
368 KB
32 thestar.com
www.thestar.com — Cisco Umbrella Rank: 263477
resources.thestar.com — Cisco Umbrella Rank: 271776
s.thestar.com Failed
pixel.thestar.com — Cisco Umbrella Rank: 474153
255 KB
25 google.com
www.google.com — Cisco Umbrella Rank: 3
accounts.google.com — Cisco Umbrella Rank: 18
news.google.com — Cisco Umbrella Rank: 6605
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 726
analytics.google.com — Cisco Umbrella Rank: 138
237 KB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 223
ad.doubleclick.net — Cisco Umbrella Rank: 155
stats.g.doubleclick.net — Cisco Umbrella Rank: 131
td.doubleclick.net — Cisco Umbrella Rank: 167
14475035.fls.doubleclick.net — Cisco Umbrella Rank: 448191
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
230 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
258556d014a647e4706d29aad01cca03.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 179
407 KB
12 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 2698
tv.springserve.com — Cisco Umbrella Rank: 4989
vid-io-pdx.springserve.com — Cisco Umbrella Rank: 9297
10 KB
12 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
1 MB
9 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 6799
7 KB
8 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3145
ads.rubiconproject.com Failed
fastlane.rubiconproject.com — Cisco Umbrella Rank: 490
eus.rubiconproject.com — Cisco Umbrella Rank: 588
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3383
mia-placement-server.rubiconproject.com — Cisco Umbrella Rank: 66872
pixel.rubiconproject.com Failed
161 KB
7 ccgateway.net
data-sales.ccgateway.net — Cisco Umbrella Rank: 51081
pb-rtd.ccgateway.net — Cisco Umbrella Rank: 6876
privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 9916
pb-ing.ccgateway.net — Cisco Umbrella Rank: 4855
6 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 321
www.linkedin.com — Cisco Umbrella Rank: 662
3 KB
6 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1016
match.sharethrough.com — Cisco Umbrella Rank: 517
3 KB
6 privacymanager.io
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2362
launchpad.privacymanager.io — Cisco Umbrella Rank: 1901
geo.privacymanager.io — Cisco Umbrella Rank: 1973
ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 1819
97 KB
6 webtrends-optimize.com
c.webtrends-optimize.com — Cisco Umbrella Rank: 45502
ots.webtrends-optimize.com — Cisco Umbrella Rank: 43932
59 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 545
torontostar-d.openx.net — Cisco Umbrella Rank: 508399
1 KB
5 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1904
41 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 338
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 685
aax.amazon-adsystem.com — Cisco Umbrella Rank: 458
92 KB
4 google.ca
www.google.ca — Cisco Umbrella Rank: 12101
253 B
4 btmessage.com
cdn.btmessage.com — Cisco Umbrella Rank: 1149
api.btmessage.com — Cisco Umbrella Rank: 1389
52 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
334 KB
4 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 959
3 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 996
id.crwdcntrl.net Failed
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1042
34 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 967
api.btloader.com — Cisco Umbrella Rank: 1067
21 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 373
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 185
6 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 480
ssum.casalemedia.com — Cisco Umbrella Rank: 1606
23 KB
3 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 476
ads.pubmatic.com — Cisco Umbrella Rank: 552
4 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 274
acdn.adnxs.com — Cisco Umbrella Rank: 658
24 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 358
15 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 256
torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 364190
2 KB
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3827
947 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 405
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 701
855 B
2 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 980
891 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1007
id5-sync.com — Cisco Umbrella Rank: 515
30 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
4 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2002
alb.reddit.com — Cisco Umbrella Rank: 1337
761 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 717
ce.lijit.com — Cisco Umbrella Rank: 890
5 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1070
25 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 785
24 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1085
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
156 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 729
4 KB
2 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 10005
i.viafoura.co — Cisco Umbrella Rank: 10022
3 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 537
1 KB
1 media.net
cs.media.net — Cisco Umbrella Rank: 957
708 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 909
674 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 642
1 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1385
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 673 Failed
145 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 699
1 amazonaws.com
s3.us-west-2.amazonaws.com
40 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1457
174 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 4239
4 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2369
8 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1590
490 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1030
721 B
1 t.co
t.co — Cisco Umbrella Rank: 943
625 B
1 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 8781
14 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1051
16 KB
1 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 8672
47 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 301
1 KB
1 dns-finder.com
bt.dns-finder.com — Cisco Umbrella Rank: 1202
863 B
1 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 10705
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 510
10 KB
0 impact-ad.jp Failed
y.one.impact-ad.jp Failed
0 admanmedia.com Failed
sync.admanmedia.com Failed
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
0 richaudience.com Failed
sync.richaudience.com Failed
0 teads.tv Failed
sync.teads.tv Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
0 smartclip.net Failed
sync.sxp.smartclip.net Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 tremorhub.com Failed
pbs.publishers.tremorhub.com Failed
0 1rx.io Failed
sync.1rx.io Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 advertising.com Failed
pixel.advertising.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 bfmio.com Failed
sync.bfmio.com Failed
0 Failed
function sub() { [native code] }. Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 optable.co Failed
thestar.solutions.cdn.optable.co Failed
332 83
Domain Requested by
53 bloximages.chicago2.vip.townnews.com www.thestar.com
bloximages.chicago2.vip.townnews.com
20 resources.thestar.com www.thestar.com
resources.thestar.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
12 www.googletagmanager.com www.thestar.com
www.googletagmanager.com
11 securepubads.g.doubleclick.net www.thestar.com
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
11 www.thestar.com 2 redirects www.thestar.com
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 events.newsroom.bi sdk.mrf.io
7 vid-io-pdx.springserve.com www.thestar.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
5 px.ads.linkedin.com 2 redirects snap.licdn.com
www.thestar.com
5 td.doubleclick.net www.googletagmanager.com
5 analytics.google.com www.googletagmanager.com
5 cdn.segment.com www.thestar.com
cdn.segment.com
5 www.google.com www.thestar.com
www.googletagmanager.com
www.gstatic.com
securepubads.g.doubleclick.net
5 c.webtrends-optimize.com www.thestar.com
c.webtrends-optimize.com
4 sync.springserve.com s3.us-west-2.amazonaws.com
www.thestar.com
4 www.google.ca www.thestar.com
4 pb-ing.ccgateway.net micro.rubiconproject.com
4 ad-delivery.net www.thestar.com
cdn.btmessage.com
4 news.google.com www.thestar.com
news.google.com
3 mia-placement-server.rubiconproject.com s3.us-west-2.amazonaws.com
3 match.adsrvr.org 3 redirects
3 match.sharethrough.com www.thestar.com
3 geo.privacymanager.io launchpad.privacymanager.io
ats-wrapper.privacymanager.io
3 sb.scorecardresearch.com 1 redirects www.thestar.com
3 btlr.sharethrough.com micro.rubiconproject.com
3 rtb.openx.net 2 redirects micro.rubiconproject.com
3 bat.bing.com www.thestar.com
bat.bing.com
3 stats.g.doubleclick.net www.googletagmanager.com
3 fonts.gstatic.com fonts.googleapis.com
3 ad.doubleclick.net www.thestar.com
cdn.btmessage.com
3 c.amazon-adsystem.com www.thestar.com
c.amazon-adsystem.com
3 tags.crwdcntrl.net www.thestar.com
tags.crwdcntrl.net
securepubads.g.doubleclick.net
2 ih.adscale.de 2 redirects
2 eb2.3lift.com 2 redirects
2 ssum.casalemedia.com 1 redirects www.thestar.com
2 prebid-a.rubiconproject.com micro.rubiconproject.com
2 pixel-sync.sitescout.com 2 redirects
2 ads.pubmatic.com micro.rubiconproject.com
www.thestar.com
2 torontostar-d.openx.net 1 redirects micro.rubiconproject.com
2 api.btmessage.com cdn.btmessage.com
2 ct.pinterest.com s.pinimg.com
2 www.facebook.com www.thestar.com
2 14475035.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ib.adnxs.com 1 redirects micro.rubiconproject.com
2 s.pinimg.com www.thestar.com
s.pinimg.com
2 snap.licdn.com www.thestar.com
snap.licdn.com
2 www.redditstatic.com www.thestar.com
www.redditstatic.com
2 connect.facebook.net www.thestar.com
connect.facebook.net
2 dpm.demdex.net resources.thestar.com
www.thestar.com
2 unpkg.com 1 redirects www.thestar.com
2 cdn.btmessage.com btloader.com
cdn.btmessage.com
2 api.btloader.com btloader.com
2 ups.analytics.yahoo.com 1 redirects micro.rubiconproject.com
2 btloader.com 1 redirects www.thestar.com
1 cs.media.net 1 redirects
1 sync.go.sonobi.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb.gumgum.com www.thestar.com
1 tv.springserve.com s3.us-west-2.amazonaws.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ats-wrapper.privacymanager.io launchpad.privacymanager.io
1 ssbsync.smartadserver.com www.thestar.com
1 eus.rubiconproject.com micro.rubiconproject.com
1 js-sec.indexww.com micro.rubiconproject.com
1 acdn.adnxs.com micro.rubiconproject.com
1 ce.lijit.com micro.rubiconproject.com
1 s3.us-west-2.amazonaws.com securepubads.g.doubleclick.net
1 258556d014a647e4706d29aad01cca03.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id5-sync.com cdn.id5-sync.com
1 api.segment.io cdn.segment.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 www.linkedin.com 1 redirects
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 pixel.thestar.com connect.facebook.net
1 cm.everesttech.net 1 redirects
1 torontostarnewspaperslimited.demdex.net resources.thestar.com
1 alb.reddit.com www.thestar.com
1 pixel-config.reddit.com www.redditstatic.com
1 analytics.twitter.com www.thestar.com
1 t.co www.thestar.com
1 ots.webtrends-optimize.com c.webtrends-optimize.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 htlb.casalemedia.com micro.rubiconproject.com
1 hbopenbid.pubmatic.com micro.rubiconproject.com
1 ap.lijit.com micro.rubiconproject.com
1 tag.rmp.rakuten.com www.thestar.com
1 static.ads-twitter.com www.thestar.com
1 i.viafoura.co www.thestar.com
1 privacy-location-edge.ccgateway.net data-sales.ccgateway.net
1 launchpad-wrapper.privacymanager.io www.thestar.com
1 sdk.mrf.io www.thestar.com
1 api.viafoura.co cdn.viafoura.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.jsdelivr.net micro.rubiconproject.com
1 pb-rtd.ccgateway.net micro.rubiconproject.com
1 data-sales.ccgateway.net micro.rubiconproject.com
1 www.gstatic.com www.google.com
1 bt.dns-finder.com btloader.com
1 cdn.viafoura.net www.thestar.com
1 fonts.googleapis.com www.thestar.com
1 accounts.google.com www.thestar.com
1 cdn.ampproject.org www.thestar.com
1 micro.rubiconproject.com www.thestar.com
0 y.one.impact-ad.jp Failed www.thestar.com
0 sync.admanmedia.com Failed www.thestar.com
0 ads.stickyadstv.com Failed www.thestar.com
0 sync.richaudience.com Failed www.thestar.com
0 pixel.rubiconproject.com Failed www.thestar.com
0 sync.teads.tv Failed www.thestar.com
0 x.bidswitch.net Failed www.thestar.com
0 sync.sxp.smartclip.net Failed www.thestar.com
0 ads.yieldmo.com Failed www.thestar.com
0 pbs.publishers.tremorhub.com Failed www.thestar.com
0 sync.1rx.io Failed www.thestar.com
0 match.adsby.bidtheatre.com Failed www.thestar.com
0 pixel.advertising.com Failed www.thestar.com
0 cs.emxdgt.com Failed www.thestar.com
0 sync.bfmio.com Failed www.thestar.com
0 invalid Failed cdn.btmessage.com
0 s.thestar.com Failed resources.thestar.com
0 ads.rubiconproject.com Failed micro.rubiconproject.com
0 id.crwdcntrl.net Failed micro.rubiconproject.com
0 api.rlcdn.com Failed micro.rubiconproject.com
0 thestar.solutions.cdn.optable.co Failed www.thestar.com
332 130
Subject Issuer Validity Valid
thestar.com
WR1		 2024-12-27 -
2025-03-27		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS RSA CA G1		 2024-03-12 -
2025-04-12		 a year crt.sh
*.google-analytics.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.webtrends-optimize.com
Go Daddy Secure Certificate Authority - G2		 2024-02-27 -
2025-03-29		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
www.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
misc-sni.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
accounts.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.news.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.thestar.com
Amazon RSA 2048 M02		 2024-04-28 -
2025-05-26		 a year crt.sh
upload.video.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
viafoura.com
Amazon RSA 2048 M03		 2024-07-09 -
2025-08-07		 a year crt.sh
dns-finder.com
WE1		 2025-01-11 -
2025-04-11		 3 months crt.sh
ad-delivery.net
WE1		 2025-01-08 -
2025-04-08		 3 months crt.sh
*.doubleclick.net
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
ccgateway.net
E5		 2025-01-09 -
2025-04-09		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-11-22 -
2025-05-21		 6 months crt.sh
api.btloader.com
WR3		 2024-11-29 -
2025-02-27		 3 months crt.sh
btmessage.com
WE1		 2024-11-27 -
2025-02-25		 3 months crt.sh
*.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-25 -
2025-10-26		 a year crt.sh
sdk.mrf.io
WE1		 2025-01-16 -
2025-04-16		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M03		 2024-06-26 -
2025-07-24		 a year crt.sh
viafoura.co
Amazon RSA 2048 M03		 2024-10-23 -
2025-11-21		 a year crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
*.google.ca
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-28 -
2025-01-26		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-06 -
2025-04-03		 6 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2024-12-02 -
2025-12-01		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-12-15 -
2025-06-13		 6 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-02 -
2025-08-07		 a year crt.sh
tag.rmp.rakuten.com
WR3		 2024-11-24 -
2025-02-22		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.lijit.com
Amazon RSA 2048 M03		 2025-01-12 -
2026-02-11		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-19 -
2025-04-19		 a year crt.sh
casalemedia.com
E5		 2024-12-11 -
2025-03-11		 3 months crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
t.co
E6		 2024-11-26 -
2025-02-24		 3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-07 -
2025-10-06		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-13 -
2025-04-11		 6 months crt.sh
pixel.thestar.com
Amazon RSA 2048 M03		 2024-04-09 -
2025-05-08		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
oa.openxcdn.net
WR3		 2025-01-11 -
2025-04-11		 3 months crt.sh
id5-sync.com
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
cdn.prod.uidapi.com
Amazon RSA 2048 M03		 2024-11-20 -
2025-12-20		 a year crt.sh
ssl03.cert.cl15.k8s.mrf.io
E6		 2024-11-21 -
2025-02-19		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2024-11-13 -
2025-12-13		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-11-14 -
2025-11-11		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2024-04-08 -
2025-05-09		 a year crt.sh
indexww.com
WE1		 2024-11-30 -
2025-02-28		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-06 -
2026-01-04		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M03		 2024-08-29 -
2025-09-27		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2024-10-17 -
2025-11-15		 a year crt.sh

This page contains 27 frames:

Primary Page: https://www.thestar.com/
Frame ID: C11A8532609929A09AB07084E9DB9CD0
Requests: 251 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1737241260245&publicationId=thestar.com
Frame ID: B30FE13EF434407B0FF7B1C9E4E27271
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/51g0/sw_iframe.html?origin=https%3A%2F%2Fwww.thestar.com
Frame ID: 4280D05A77793C935EC6FFE3997DBC0E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-B4CQN4KW3R&gacid=1196127677.1737241261&gtm=45je51g0v887944298z89101115636za200zb9101115636&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102067555~102067808~102081485~102123607&z=1428595989
Frame ID: D584A9DF99FDA0612B9BD040840D0194
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=17837
Frame ID: 3E4897FC968D9D922DC878E77D26BC67
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-6FZFMVVWVN&gacid=1196127677.1737241261&gtm=45je51g0v873043922z89101115636za200zb9101115636&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102067555~102067808~102081485~102123607&z=453183251
Frame ID: 0E248DF8840D327F714C10E9C3B8206E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=1196127677.1737241261&gtm=45je51g0v887101457z8861227858za200zb861227858&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102067555~102067808~102081485~102123608&z=1835992748
Frame ID: 1507D7A23B3BE4E4DC44454D38BB1A9E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=en&v=1Bq_oiMBd4XPUhKDwr0YL1Js&size=invisible&cb=lfd5rlm54nrd
Frame ID: 578AF52F8143D40E0B60735EC70B7471
Requests: 1 HTTP requests in this frame

Frame: https://14475035.fls.doubleclick.net/activityi;dc_pre=CMf_wYKwgIsDFddiRwEd2N0UmQ;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F
Frame ID: 31E6EF1A46E2CD264D73658C00D6C91C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F
Frame ID: 3984701FD13BFDDB83F5F53D55A76FCF
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/698108511?random=1737241261586&cv=11&fst=1737241261586&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867836103za200zb72758733&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&hn=www.googleadservices.com&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&npa=0&pscdl=noapi&auid=971513764.1737241260&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: D2E164CB79ABE48582108F4B805AE0E2
Requests: 1 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 0ABBA539A56986A8A3600655B04302DA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: AE3AC843F583A988BDA670998B3C6EBB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=1Bq_oiMBd4XPUhKDwr0YL1Js&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
Frame ID: F1FCFBDEB0E8EC31F1F00E2DCEC07B10
Requests: 1 HTTP requests in this frame

Frame: https://258556d014a647e4706d29aad01cca03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1706F805B6B8A7CF33C945281C098E66
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-906OrIR8_3yayDxTLisdaoah3BXfiI2EAVKDJndhew11Q8rA3PG6DZ6ejD0h0wXYYXNxm0lU_T-L2OaCCWxfHKk5zuMY4KzDlZpVKvXC92ZdW0QqG_gwYglKlqcj2oJ9smO5fwlPp5Cv4pGnwFaikjD-GtKyoYIPg5u8ozg8JlXoaPEKHblfbo0F_HPrWZXOFCxgOQHQG6m-OXIJGUEoOOOE1FCDcBDWmguzHGS76FcPPvThp3i6xn_BUrtkMIB_T67sFrYCmY_vzc3iBORRooemu7bNmYpuZmMMUiITYXna6zlAyV5cowgaWmKy6A9xlHS4Ti4kPhNd0WU1NhB2c4Ntjku4OtFnSPXkdfYt8yGE9JdD38HuFlgpB5ShL9OVhcR3vmet8A&sai=AMfl-YQYaB_gguisyAuF7GI9xRyvhAkiW24bxHIXahg_IaqUFgc6lDzeK1ADhf3GIWzkQQwwLf1qm5b1JoRGsoRDzzpxzFDYpGUzfOPJHBQInZSWneeaCsWaevCfQWE&sig=Cg0ArKJSzOKkwzhIAncwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9C1D4D6A33441AE071F9F91BD6F6283C
Requests: 38 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPNgNd6nBKUMyD4ATc99ZK12a8iWEHSGKIj75eVmSdUsbn8f6_AEb7DKND1EOgBhJATAITYXvY1EzX8aw8QFOyUDxryCpTdbDKjiXhFPvtXwdB2dGoedrOlXRbNxxjzOYKLaHHQjQXxfo47HANPNjkM5zxUO3waCTNUxU1KGVLJBTVoIOaZF15BQa_k2XVpQ2Pyf036IsauNm7_zSFwF_hmckD2R7_S6psofP-LxgY7dMO31vmjC97Yf8m1M2DjGRp_uYOQo4-zsUP7nzOd6Ho-blIq8FHtRz5XgjdFQkg6c-i38YFwhyYL7pIuYNcnl9sMobSYEPTk3uW1wHmrKwnL3y3t5dcOWO7bJCLDri1Oswc0uoZJoKrhqBvAWTW7ZHUIIK_IXJmnA4lA8b97gGJ-iW7I4rPA2mthg7FzZHtg3cklfXCjxzI&sai=AMfl-YQfINUAXCb7e-k90D2fVkMYbvH6lMBe9bY471cu9jtEzfiBdp__UDP-81j3OxbjHBOE3fKlQsBDqC354ReRyps_Q0ZkH27J2MZhH1mm2O9uYLIT8NHld4ucQys&sig=Cg0ArKJSzCGeLTWt1TP7EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 08404C6D460F13B471A416E8A5AF4A61
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlmzphoXTxR7Slfec0j6ka9bwgEweK1fyOE5WSKup6p5Xg-nIegUJAypFbEV1u2G_VgGQbxw9GvDTG-9t-ACW3ug0FmJjyN0jYrUYNxH0CZ2tU7clTVTns3hAgakjj9ybAMpqZ-kggKTDrV5n2j-s74ywauJE2iZHHtmEhxySskxPZEtItp3REJiQ-Y6AsZyXpuj_BsshAdf7gGeYD7F4vrbxSgXUfD_MvXjGLrRzW_FnRF3zqdMcD3cmfIB4qsNr9E1CmSvT2ckTGRjwFyA1CncAB9CLLh3fQCGX-crQpNqed8EtCLJfeOp101RavSHLb7XUQoOW-K6yvD89_-F75EseSVKr7uzj5_hEX3nvTc16HNdBiFOD9tJw8f5XX7WjTSPxHUvVsYMffe7vDMyaYD0cc3a0mBuv5-dS9q8qHKK7DyHCaXkv6&sai=AMfl-YSOqGfFtFBXBCcRrnpHPfkAdkoHmuPkEJXZxvcg24I9-SKYo5sJnnD28dUoF3LEybBGwMVtrJ9BeDyCMGi8em64Q5ZQFrojN1WlbGDLk9N2R1Eb0vIawvFPsQs&sig=Cg0ArKJSzOpVkTdoJ0VqEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 5B93A4790AA309D9948D9175EC62C842
Requests: 10 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13398908
Frame ID: DD2B7BF3F8B205D4A90AC34689C7D941
Requests: 1 HTTP requests in this frame

Frame: https://torontostar-d.openx.net/w/1.0/pd?cc=1
Frame ID: 187F844504CF8475A7FA740E236C2ACA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C905C676950B0896A586DE4AFFD36F50
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0E838D99FDB3A27D99D74DE06EC76EF2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=165546
Frame ID: F8269944B69699BA8E1BCC06D47CC5B0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5AFE09D2ACA1B3E74A154F088B8A91F3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 87D821D73C3F55E8FD00AD4B96F629C4
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=&s=191709&us_privacy=&C=1
Frame ID: 21267BCC2C90DAF62109559CB4C5C77B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 4B4B5EB6A2A6B5CD38E737DCD5C1B565
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Breaking News - Headlines & Top Stories | The Star

Page URL History Show full URLs

  1. https://www.thestar.com/news/canada/article/835932--statscan-recommended-move-to-voluntary-census-cl... HTTP 301
    https://www.thestar.com/news/canada/article/835932--statscan-recommended-move-to-voluntary-census-cl... HTTP 301
    https://www.thestar.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

332
Requests

88 %
HTTPS

0 %
IPv6

83
Domains

130
Subdomains

97
IPs

6
Countries

4020 kB
Transfer

12152 kB
Size

176
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.thestar.com/news/canada/article/835932--statscan-recommended-move-to-voluntary-census-clement-says HTTP 301
    https://www.thestar.com/news/canada/article/835932--statscan-recommended-move-to-voluntary-census-clement-says/ HTTP 301
    https://www.thestar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://btloader.com/tag?o=5071905434894336&upapi=true&async=true HTTP 302
  • https://btloader.com/tag?o=5071905434894336&upapi=true
Request Chain 108
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
Request Chain 174
  • https://14475035.fls.doubleclick.net/activityi;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F HTTP 302
  • https://14475035.fls.doubleclick.net/activityi;dc_pre=CMf_wYKwgIsDFddiRwEd2N0UmQ;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F
Request Chain 192
  • https://cm.everesttech.net/cm/dd?d_uuid=42541773480856299834205884727343254339 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4wyrgAAAHNQGwN2
Request Chain 210
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1737241262324%26li_adsId%3D4aa6c804-2f48-4b66-a97f-b8c17dba4c1d%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
Request Chain 223
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1737241262783&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1737241262783&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
Request Chain 270
  • https://torontostar-d.openx.net/w/1.0/pd HTTP 302
  • https://torontostar-d.openx.net/w/1.0/pd?cc=1
Request Chain 275
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553&gdpr=0&gdpr_consent=
Request Chain 276
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=
Request Chain 303
  • https://ssum.casalemedia.com/usermatch?s=191709&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=&s=191709&us_privacy=&C=1
Request Chain 305
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=&us_privacy=&uuid=5032042615911074898
Request Chain 309
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D&us_privacy=&ox_sc=1 HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=&us_privacy=&uuid=6a6ffed8-630e-42ad-be81-8e3073a7954c
Request Chain 310
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 311
  • https://bh.contextweb.com/rtset?gdpr=0&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=&us_privacy=&uuid=jHIcZyFqInUA&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=0
Request Chain 313
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=&us_privacy=&uuid=b0c214e4-3a9a-4cb3-bd86-311d57168408
Request Chain 315
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000016&gdpr=0&gdpr_consent=&us_privacy=&uuid=590067679440313043950
Request Chain 317
  • https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=8980255714392532380
Request Chain 318
  • https://ups.analytics.yahoo.com/ups/58800/sync?redir=true&gpp=&gpp_sid=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.springserve.com/usersync?aid=1000019&uuid=y-pYORLolE2uKD0mer_SXPLxmNq2krNQZ5~A&gdpr_in_effect=0
Request Chain 322
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D__STROEER_USER_ID__&nut&uu=bff1f85eb7bf42ba8b14758855a3e627 HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=&us_privacy=&uuid=bff1f85eb7bf42ba8b14758855a3e627
Request Chain 325
  • https://cs.media.net/cksync?cs=60&type=ss&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000026%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%3Cvsid%3E HTTP 302
  • https://vid-io-pdx.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=&us_privacy=&uuid=3802428701783552000V10
Request Chain 329
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0kkyw3l&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

332 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.thestar.com/
Redirect Chain
  • https://www.thestar.com/news/canada/article/835932--statscan-recommended-move-to-voluntary-census-clement-says
  • https://www.thestar.com/news/canada/article/835932--statscan-recommended-move-to-voluntary-census-clement-says/
  • https://www.thestar.com/
670 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
e7264a77685f244c6ea46096933d22ef8698d2ed8212564168bc6839d852ab9a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
76
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding
gzip
content-length
92293
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 18 Jan 2025 22:59:40 GMT
etag
W/49509df1f84375e14b3d936ea388bede
last-modified
Sat, 18 Jan 2025 22:59:39 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.84.3; app14; 0.74s; 10.4M
x-ua-compatible
IE=edge
x-vcache
HIT
x-xrds-location
https://www.thestar.com/tncms/xrds/
x-xss-protection
1; mode=block

Redirect headers

age
117
cache-control
public, max-age=300
content-encoding
gzip
content-length
1482
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 18 Jan 2025 22:59:00 GMT
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location
/
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.84.3; app20; 0.01s; 3.2M
x-vcache
HIT
x-xss-protection
1; mode=block
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"60e609f2-1882c"
age
2132012
expires
Fri, 28 Nov 2025 10:01:00 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444285b36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
38456
server
cloudflare
user.js
www.thestar.com/shared-content/art/tncms/user/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"6785792c-ee3"
age
23
accept-ranges
bytes
content-length
1658
date
Sat, 18 Jan 2025 23:00:34 GMT
last-modified
Mon, 13 Jan 2025 20:35:56 GMT
content-type
application/x-javascript
vary
Accept-Encoding
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5d726a23-9bd8"
age
2217556
expires
Mon, 01 Dec 2025 10:12:31 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444083036cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
12719
server
cloudflare
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b376-841f"
age
1953195
expires
Fri, 28 Nov 2025 10:13:27 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:02 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444285836cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
14189
server
cloudflare
tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b374-2d77"
age
2194581
expires
Mon, 01 Dec 2025 06:31:22 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:00 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444083336cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4260
server
cloudflare
application.0758030105fdd3a70dff03f4da4530e2.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67634cb1-1166"
age
2119857
expires
Thu, 25 Dec 2025 08:56:04 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 18 Dec 2024 22:29:05 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444083236cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1636
server
cloudflare
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b375-9b8"
age
2210770
expires
Sun, 30 Nov 2025 09:31:51 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:01 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444285a36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
910
server
cloudflare
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b374-1ac2e"
age
2217485
expires
Fri, 28 Nov 2025 05:55:06 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 14:11:00 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444082936cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
21439
server
cloudflare
layout.445fe84a0de89ff533f664a9d583077c.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		156 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.445fe84a0de89ff533f664a9d583077c.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c8976166ffd559fcb18da875ed7ec6a1fd1ab48f3afbc808bc555503ca81856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677d9db2-26e41"
age
356392
expires
Wed, 14 Jan 2026 20:01:04 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
text/css
last-modified
Tue, 07 Jan 2025 21:33:38 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444082a36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
34506
server
cloudflare
oovvuu.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		588 B
404 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/oovvuu.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c6983606eae184b6c555ec5ed37a79f5038a478645e778921e618d74ed7f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-24c"
age
879577
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444082f36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
271
server
cloudflare
flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		531 B
397 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"671917b2-213"
age
2021471
expires
Thu, 06 Nov 2025 07:18:22 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
text/css
last-modified
Wed, 23 Oct 2024 15:35:14 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444082d36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
263
server
cloudflare
flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b379-2021"
age
2210645
expires
Sun, 30 Nov 2025 11:15:25 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 14:11:05 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444082b36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1823
server
cloudflare
gtm.js
www.googletagmanager.com/ 		244 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
27e1cdf16748e5b2097585da88f0a2bdc0cab42db58862789bc8293405ba853d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 18 Jan 2025 23:00:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Jan 2025 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
84359
x-xss-protection
0
server
Google Tag Manager
csrf.js
www.thestar.com/shared-content/art/tncms/api/ 		940 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/tncms/api/csrf.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://www.thestar.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"6785792c-3ac"
age
86
accept-ranges
bytes
content-length
537
date
Sat, 18 Jan 2025 22:59:31 GMT
last-modified
Mon, 13 Jan 2025 20:35:56 GMT
content-type
application/x-javascript
vary
Accept-Encoding
access.dc3c699a08d4c746923b.js
www.thestar.com/shared-content/art/tncms/api/ 		71 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/tncms/api/access.dc3c699a08d4c746923b.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
677cc0495698cb89f48ae26875ef08920755bbc101a6798f7daa7bfbcfd5cb79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://www.thestar.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"677d9df1-11cc8"
age
118
accept-ranges
bytes
content-length
29854
date
Sat, 18 Jan 2025 22:58:59 GMT
last-modified
Tue, 07 Jan 2025 21:34:41 GMT
content-type
application/x-javascript
vary
Accept-Encoding
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
  • https://btloader.com/tag?o=5071905434894336&upapi=true
59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1335a729ab925863a4ad91486df4788b5e21270710d4425d4b8a996424cc9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"173272407737708045b4734003e1ddc3"
age
1152
via
1.1 google
cf-ray
904234517af8aac0-YYZ
accept-ranges
bytes
content-length
20299
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:38:16 GMT
vary
Origin, Accept-Encoding
server
cloudflare

Redirect headers

cache-control
public, max-age=3600, must-revalidate
location
/tag?o=5071905434894336&upapi=true
cf-cache-status
HIT
age
1152
via
1.1 google
cf-ray
904234513aa7aac0-YYZ
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
thestar-sdk.js
thestar.solutions.cdn.optable.co/public-assets/ 		0
0
wt.js
c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/ 		63 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7fd434d2cc35d0d48b8f1af57b20819dd8e0856702b25d429308cf118aedc855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
etag
"fa87-6272c6edd808c-gzip"
x-fd-int-roxy-purgeid
82474178
expires
Sat, 11 Jan 2025 08:37:07 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
16629
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 18 Nov 2024 09:20:52 GMT
vary
Accept-Encoding
x-azure-ref
20250118T230057Z-16978cfcfd4ggjgrhC1YTO51gn00000007ng0000000065uf
axate-helper.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/axate-helper.js?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cde2b88166202ca02bb7edb492dc4b4873134bf0d524245240458b8ec058823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-1947"
age
879577
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423445096e36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2387
server
cloudflare
edition-selector.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/edition-selector.js?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-2076"
age
879579
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423450e9b636cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2252
server
cloudflare
footer.nav.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		2 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/footer.nav.js?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c6c8ef16f19b7a2e015a857f3f43bc4997fb5044f8dd62644329ba4a8420dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-999"
age
879579
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423450e9b736cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
639
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
f3d5781bb4f8ebe84d7dec3c75557341734b0097576b9a8a44d500bc9b28f382
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
888 / 20106 / m202501140101 / config-hash: 15735735995933567894
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:00:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34177
x-xss-protection
0
server
cafe
18488.js
micro.rubiconproject.com/prebid/dynamic/ 		506 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/18488.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.191.176 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-191-176.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15 /
Resource Hash
5015eef77cec273e4f41253e8c940a51967fcc24b9f32123ca9d54aa8af2705b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

edge-cache-tag
prod-prebid-18488_The_Star.js
cache-control
public, must-revalidate, max-age=14400
content-encoding
gzip
expires
Sun, 19 Jan 2025 16:30:47 GMT
content-length
157436
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding, referer
server
Apache/2.4.62 (Debian) PHP/8.3.13 OpenSSL/3.0.15
alertbar.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/alertbar.js?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f274f481a0b3c1d4ab4355f993b517688fe298ab18f810c9bb9a7be0ead03c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-254b"
age
728642
expires
Sat, 10 Jan 2026 12:36:55 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423445097136cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2192
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f4.1e100.net
Software
ESF /
Resource Hash
accb119a0fd0678caac3049b83febfa94766cdcd6543e33c86941567a198cc2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:00:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Sat, 18 Jan 2025 23:00:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		207 B
311 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b378-cf"
age
2121247
expires
Mon, 01 Dec 2025 08:17:17 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:04 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423445097236cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
176
server
cloudflare
tracking.js
www.thestar.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/tncms/tracking.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"6785792c-a3a"
age
98
accept-ranges
bytes
content-length
1157
date
Sat, 18 Jan 2025 22:59:18 GMT
last-modified
Mon, 13 Jan 2025 20:35:56 GMT
content-type
application/x-javascript
vary
Accept-Encoding
save.asset.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		2 KB
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/save.asset.js?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-721"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423450e9b836cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
674
server
cloudflare
fontawesome.48f6e778a25162f5c4a6977fb556155b.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		277 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b376-45518"
age
2218195
expires
Wed, 03 Dec 2025 10:40:07 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:02 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423450e9ba36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
117608
server
cloudflare
amp-iframe-0.1.js
cdn.ampproject.org/v0/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f1.1e100.net
Software
sffe /
Resource Hash
90a0a692795e552c341d7bd98cb76ce5fc5a9ace287a92ac44ce0e6fe93b034f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
"77dcc70a0a78da30"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:00:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
8921
x-xss-protection
0
server
sffe
lt.min.js
tags.crwdcntrl.net/lt/c/17837/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/17837/lt.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d94fa0a7e38809041e356a8442c08f06cf4cfb944c714d71ad8f4d9d24fd96b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"f87339bf3b4dc1e0014c7277f5562f7a"
age
55635
via
1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
jX27ucLLKH-oUpzt0DV3iKUFemwzFnSVntdTkdjKUCJt0ECcy6QGUg==
date
Sat, 18 Jan 2025 07:33:44 GMT
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 16:11:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
client
accounts.google.com/gsi/ 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f84.1e100.net
Software
ESF /
Resource Hash
55c944f240f93b8462ded897b5046c8c53df06167c6fd8af1a99ba1bb57fec36
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WNaQYVa3S4Aqn81ttt_ysg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-security-policy
script-src 'report-sample' 'nonce-WNaQYVa3S4Aqn81ttt_ysg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:01:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Sat, 18 Jan 2025 23:01:00 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
swg.js
news.google.com/swg/js/v1/ 		245 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
sffe /
Resource Hash
122163280d6bba187ca367865d7a62aae924cb003b13127057de19d92eb53aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
age
452
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:43:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 22:53:27 GMT
last-modified
Wed, 15 Jan 2025 20:50:16 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
72672
x-xss-protection
0
server
sffe
launch-9387fe3a1e9f.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/ 		380 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71435db14d43897c1bd2effcfdc3629687f2d9efab98f5745f3ef9eec0e9ed38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"e2c660c46977d0b3da52c8b7cf0ce16a"
x-amz-version-id
null
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
vi6crDxMQanI67TrfT-CmxizxmXUFsk5L5xD5UTkhO6rszdhR4Sw-A==
date
Sat, 18 Jan 2025 22:25:33 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:24:00 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f10.1e100.net
Software
ESF /
Resource Hash
2ffbd4bbedceb57c0099e3028f3c265f6912df1cd0c591ed131ea23a5d28e32e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:00:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 18 Jan 2025 23:00:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
navigation.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/navigation.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-28b1"
age
879577
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234467b3636cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2468
server
cloudflare
pages.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		198 B
252 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/pages.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-c6"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b8436cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
168
server
cloudflare
blocks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/blocks.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-12e6"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b8b36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1482
server
cloudflare
utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		628 B
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/utilities.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-274"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b8f36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
396
server
cloudflare
global.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c0780e7f6e532536ae33d56306f18e6d4fc047e67fd9bbaaa7f1272a72e8d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-9c15"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b9336cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8928
server
cloudflare
stn.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		3 KB
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/stn.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-ded"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b9536cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
776
server
cloudflare
storypacks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		52 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/storypacks.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72995ef7e52dafc770a56457038f77d59a619a426132bfe914ba3ba4f683640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-cfe5"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b9836cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
6725
server
cloudflare
utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		34 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/utilities.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b69399569237ff386301a82562ff6b21c1d31370b29928025cee63b7252f848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-8999"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b9936cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8919
server
cloudflare
user-controls.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/user-controls.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80abdc7301a85f3723a06e115899beb85170026b040c44834b954be0d2f2af3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-1839"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b9d36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1734
server
cloudflare
icons.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ebc1e62c024fc610ffd18df157488dfa4321fc8db7222d9db66e92e1afe7b7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-3369"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b9e36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1201
server
cloudflare
staronly.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		223 B
259 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/staronly.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-df"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469b9f36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
175
server
cloudflare
site.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 		339 B
351 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/site.css?_dc=1671043982
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"639a1b8e-153"
age
1949812
expires
Sat, 29 Nov 2025 11:11:24 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 14 Dec 2022 18:53:02 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469ba036cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
218
server
cloudflare
primis.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		258 B
257 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/primis.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f869f4cb68f99dfd2565886a1db8d086c5753ec325dc80170c23238b284da0db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-102"
age
879578
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234469ba136cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
174
server
cloudflare
tracker.js
www.thestar.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/shared-content/art/stats/common/tracker.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"66f6f794-2200"
age
270
accept-ranges
bytes
content-length
3224
date
Sat, 18 Jan 2025 22:56:27 GMT
last-modified
Fri, 27 Sep 2024 18:21:08 GMT
content-type
application/x-javascript
vary
Accept-Encoding
31c48758-8d44-11ed-8c30-0bcb8697ec11.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/31c48758-8d44-11ed-8c30-0bcb8697ec11.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"63b74833-552"
age
2040848
cf-cache-status
HIT
expires
Fri, 19 Dec 2025 17:26:45 GMT
cf-polished
origFmt=png, origSize=1362
date
Sat, 18 Jan 2025 23:00:58 GMT
content-type
image/webp
content-disposition
inline; filename="31c48758-8d44-11ed-8c30-0bcb8697ec11.webp"
vary
Accept
last-modified
Thu, 05 Jan 2023 21:59:15 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234472ca036cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1086
server
cloudflare
2faeee7c-8d44-11ed-8c18-eb5483a10695.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/2faeee7c-8d44-11ed-8c18-eb5483a10695.png
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"63b7482f-609"
age
2115965
cf-cache-status
HIT
expires
Thu, 25 Dec 2025 10:23:08 GMT
cf-polished
origFmt=png, origSize=1545
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/webp
content-disposition
inline; filename="2faeee7c-8d44-11ed-8c18-eb5483a10695.webp"
vary
Accept
last-modified
Thu, 05 Jan 2023 21:59:11 GMT
x-vcache
HIT
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
9042344edee036cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1228
server
cloudflare
subscription-landing.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/subscription-landing.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8112209cec2123efc61574a748d65e346ffd80acc0784182ca7f80c1bdd7820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-2d1c"
age
879579
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
9042344fd83536cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2644
server
cloudflare
newsletter-helper.min.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		363 B
379 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/newsletter-helper.min.js?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457e85861044e6c6ed188aee506092571f5ba71759bbc1de4340ece02b69194e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-16b"
age
879579
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
9042344fd83836cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
278
server
cloudflare
tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b378-3662"
age
2115548
expires
Sat, 29 Nov 2025 05:23:13 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:04 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
9042345008a236cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5096
server
cloudflare
apstag.js
c.amazon-adsystem.com/aax2/ 		353 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c68861e0a0128c97407e9710410738ed32b2a33f3bf3d774a875070998ad8b2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"8f20dfc7ea3702063ac45ab211065c8f"
age
2972
via
1.1 cf29f50e3abcfc5226af6f36cb760c56.cloudfront.net (CloudFront), 1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
cxyZjA1LNmEP4cNJg1h5MywItUX4A8hXry89Ui3BJSycxw3eHyjoEQ==
date
Sat, 18 Jan 2025 22:11:36 GMT
content-type
application/javascript
last-modified
Thu, 16 Jan 2025 18:49:27 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P7, JFK50-P3
x-amz-server-side-encryption
AES256
sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b376-1010"
age
2217218
expires
Tue, 02 Dec 2025 11:53:49 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:02 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
9042345008a536cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1501
server
cloudflare
tnt.regions.e7df22f20c42105cce5864da9e346f48.js
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.e7df22f20c42105cce5864da9e346f48.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734b375-1041"
age
1869733
expires
Wed, 26 Nov 2025 05:45:22 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 13 Nov 2024 14:11:01 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
9042345048de36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1560
server
cloudflare
promo_popup.min.js
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/promo_popup.min.js?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71da9274a22ca23f73eca12863338b843338c9dbef2e0583fd198cfc6578eb05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-10a2"
age
879551
expires
Thu, 08 Jan 2026 18:41:39 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/x-javascript
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423450993e36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
1389
server
cloudflare
index.js
cdn.viafoura.net/entry/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/entry/index.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-52.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3f274945138b46f471efb16209958920222ef219cf795a9107e75a61cf99e99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
x-amz-version-id
LfvGKGLkUINIa2SdfjimOYKWsn8wSfeU
etag
W/"2a75deb76e7e3f75538f8370a4874f55"
age
414
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
p9jjUv30SXd0vlAAk0BJoeoSZxxZqR_pC93ZRN-1EoGowtrc8yf30Q==
date
Sat, 18 Jan 2025 22:54:07 GMT
content-type
text/javascript
vary
accept-encoding, Origin
last-modified
Tue, 07 Jan 2025 16:13:35 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=600,s-max-age=60
via
1.1 bcba63317be8c4e9a4e9a6f5ec2b6c14.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
sizzle.min.js
c.webtrends-optimize.com/acs/common/js/5.4/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webtrends-optimize.com/acs/common/js/5.4/sizzle.min.js
Requested by
Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a70b993e6415ddfd66ea6ee209e3ab2fa3f88b0d3e4329aec59cffedf2c32db6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
etag
"4d8a-58242ec738780-gzip"
x-fd-int-roxy-purgeid
82474178
expires
Wed, 15 Jan 2025 18:48:33 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
7375
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 19 Feb 2019 17:53:50 GMT
vary
Accept-Encoding
x-azure-ref
20250118T230059Z-16978cfcfd4ggjgrhC1YTO51gn00000007ng0000000065x6
common.js
c.webtrends-optimize.com/acs/common/js/5.4/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webtrends-optimize.com/acs/common/js/5.4/common.js
Requested by
Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cfd886a01f6af8332fc28434bfeb5fb5c29e3417d31b0f8d52c1fd60bafafba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
etag
"516e-5bd09eb477b58-gzip"
x-fd-int-roxy-purgeid
82474178
expires
Thu, 16 Jan 2025 17:37:59 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
6511
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 08 Mar 2021 17:39:43 GMT
vary
Accept-Encoding
x-azure-ref
20250118T230059Z-16978cfcfd4ggjgrhC1YTO51gn00000007ng0000000065x7
wt_debugger.js
c.webtrends-optimize.com/acs/common/js/5.4/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webtrends-optimize.com/acs/common/js/5.4/wt_debugger.js
Requested by
Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0f28f8ef3c65ede1c3171b6e44188fca93e15b53d362d0bbb9a22c93d3f73fdd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
etag
"10d0-5bd09eb4d5758-gzip"
x-fd-int-roxy-purgeid
82474178
expires
Fri, 17 Jan 2025 00:10:15 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
1720
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 08 Mar 2021 17:39:43 GMT
vary
Accept-Encoding
x-azure-ref
20250118T230059Z-16978cfcfd4ggjgrhC1YTO51gn00000007ng0000000065x8
wt_lib.js
c.webtrends-optimize.com/acs/common/js/5.8/ 		81 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webtrends-optimize.com/acs/common/js/5.8/wt_lib.js
Requested by
Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eaee23e58c205d4c6cf7bd926e6a02e09d615f08775aef44b9387f0c26a13007

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
etag
"14547-61c69f98664e1-gzip"
x-fd-int-roxy-purgeid
82474178
expires
Fri, 17 Jan 2025 09:16:31 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
TCP_HIT
content-length
22201
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 04 Jul 2024 11:09:03 GMT
vary
Accept-Encoding
x-azure-ref
20250118T230059Z-16978cfcfd4ggjgrhC1YTO51gn00000007ng0000000065x9
gtm.js
www.googletagmanager.com/ 		323 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1760bc8697f26b7a8aea15f17a62fea2554c94ab2fbea48ae3b44affe8e4f364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
application/javascript; charset=UTF-8
vary
*
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
112327
x-xss-protection
0
server
Google Tag Manager
oovvuu.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 		588 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/oovvuu.css?_dc=1736361378
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c6983606eae184b6c555ec5ed37a79f5038a478645e778921e618d74ed7f1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a2-24c"
age
879577
expires
Thu, 08 Jan 2026 18:41:20 GMT
date
Sat, 18 Jan 2025 23:00:57 GMT
content-type
text/css
last-modified
Wed, 08 Jan 2025 18:36:18 GMT
vary
Accept-Encoding
x-vcache
MISS
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423444082f36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
271
server
cloudflare
px.gif
bt.dns-finder.com/ 		43 B
863 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bt.dns-finder.com/px.gif
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
4
access-control-expose-headers
Content-Type, Cache-Control
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
2037
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S7cgbjMqtyG1RkqDbnD7RU%2BMSGBb3SCAtUcj6HMX7Mh8M3DWel1RzJAVbF2BedvK2lfT6LUrt9ohHMsYbJ3%2FqyQISjdIpeLwSWAtdLAp9mTQEv%2FdF0QmNHruUrjrLziLH12huA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 18 Jan 2025 23:27:02 GMT
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
43
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 16:36:17 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC51zwpN5nqWF_sx3aLcIBTeGHoqj5oUWJxzmhTB8kR6fkoBcKb737ohV8WFfmCT_Use
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
STANDARD
cf-ray
904234520e1dac42-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721406977485562
content-length
43
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1866949
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BW2dSQmDsH4Z4Spl2FQ4dkfsU4Vhbax2EKkqtTJwEQV4FTWadglK0RHKzkKmp%2B5uzsUUIbfvollvTFdD9kro1M8KFOVPoV%2Bs8%2BMJzGG8g%2BBk7gUl5Bj96KNgmSIQ5lEsRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 28 Dec 2024 09:19:27 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=26099&min_rtt=21340&rtt_var=8505&sent=9&recv=11&lost=0&retrans=1&sent_bytes=5668&recv_bytes=2332&delivery_rate=38659&cwnd=252&unsent_bytes=0&cid=b11c243da5e7fe01&ts=189&x=0"
x-goog-stored-content-length
43
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6QpQ_s6m5FRXvy5wRik8hq7ZLxk6K9IZoW_PUPWeYPPJV35sGtvGg-SmqrBJgc4aD3RoEuts8
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
904234545c36ab34-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
age
862
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 19 Jan 2025 22:46:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 22:46:38 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6064996888853149
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1866949
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22wf%2BqWrbKQcCH7U6L%2BastNgBqNApbqjBdXenVTe4hQwP4RkX1lvP1x1lIuGvNJTEgxczFk9X8ha3exBd3gOdDucrfxFgadKNtK1CP7ga1jmxOZlykljMUAcOuWexLpHcw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 28 Dec 2024 09:19:27 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=26099&min_rtt=21340&rtt_var=8505&sent=12&recv=11&lost=0&retrans=1&sent_bytes=6802&recv_bytes=2332&delivery_rate=38659&cwnd=252&unsent_bytes=0&cid=b11c243da5e7fe01&ts=195&x=0"
x-goog-stored-content-length
43
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6QpQ_s6m5FRXvy5wRik8hq7ZLxk6K9IZoW_PUPWeYPPJV35sGtvGg-SmqrBJgc4aD3RoEuts8
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
904234545c3aab34-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
tracker.gif
www.thestar.com/shared-content/art/stats/common/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=17372412598049090160012001376782402153&tnms_dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&tnms_upage=1&tnms_do=www.thestar.com&tnms_uri=/&tnms_ref=&rt=1737241259805
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-vcache
MISS
cache-control
no-cache, no-store
etag
"48f79fed-0"
age
0
accept-ranges
bytes
content-length
0
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/gif
last-modified
Thu, 16 Oct 2008 20:11:25 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Toronto_Star_logo.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/Toronto_Star_logo.svg?_dc=1736361376
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"677ec5a0-16bb"
age
879580
expires
Thu, 08 Jan 2026 18:41:18 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/svg+xml
last-modified
Wed, 08 Jan 2025 18:36:16 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423451eb5a36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2372
server
cloudflare
guest.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		662 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/guest.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1736361378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1736361378

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67476589-296"
age
2039689
expires
Sun, 30 Nov 2025 10:12:25 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Nov 2024 18:31:37 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423451eb5e36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
382
server
cloudflare
nbetting.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/nbetting.png
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1736361378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1736361378

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"6747658a-2b5f"
age
2028575
cf-cache-status
HIT
expires
Mon, 01 Dec 2025 08:09:28 GMT
cf-polished
origFmt=png, origSize=11103
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/webp
content-disposition
inline; filename="nbetting.webp"
vary
Accept
last-modified
Wed, 27 Nov 2024 18:31:38 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423451eb6136cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
6086
server
cloudflare
cancel.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		331 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/cancel.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1736361378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c939c941aba39a0f4d0e9ad56a9fcb9897d42c0283c80e9d10341ef89a0870e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1736361378

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6747658a-14b"
age
3997161
expires
Sat, 29 Nov 2025 11:52:33 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Nov 2024 18:31:38 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423451fb6836cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
218
server
cloudflare
indicator-icon-aggregation.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		703 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/indicator-icon-aggregation.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1736361378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1736361378

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6759da86-2bf"
age
2199292
expires
Wed, 24 Dec 2025 01:30:48 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/svg+xml
last-modified
Wed, 11 Dec 2024 18:31:34 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423451fb6936cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
405
server
cloudflare
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f3.1e100.net
Software
sffe /
Resource Hash
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://fonts.googleapis.com/

Response headers

age
291579
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 14:01:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 14:01:20 GMT
last-modified
Thu, 27 Apr 2023 00:13:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
38268
x-xss-protection
0
server
sffe
j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v21/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f3.1e100.net
Software
sffe /
Resource Hash
523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://fonts.googleapis.com/

Response headers

age
281393
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 16:51:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 16:51:06 GMT
last-modified
Thu, 11 Apr 2024 18:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
44372
x-xss-protection
0
server
sffe
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
chevron.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 		347 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/chevron.svg
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1736361378
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1736361378

Response headers

x-robots-tag
noarchive
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6734f0a8-15b"
age
2121116
expires
Wed, 26 Nov 2025 03:17:29 GMT
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/svg+xml
last-modified
Wed, 13 Nov 2024 18:32:08 GMT
vary
Accept-Encoding
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234524bf336cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
246
server
cloudflare
7cfc38ca-9d1a-11ed-8f0b-5cb9017b77dc.a0b13c4b7a02e09c478fe74111026137.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/7/cf/c38/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/7/cf/c38/7cfc38ca-9d1a-11ed-8f0b-5cb9017b77dc.a0b13c4b7a02e09c478fe74111026137.png?_dc=1683205896
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597cf1adbafca51f41aedfbdc509c2e15e81382778e096b1398c66cda6865f2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"6453af08-2d0a"
age
698779
cf-cache-status
HIT
expires
Sat, 10 Jan 2026 18:38:44 GMT
cf-polished
origFmt=png, origSize=11530
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/webp
content-disposition
inline; filename="7cfc38ca-9d1a-11ed-8f0b-5cb9017b77dc.webp"
vary
Accept
last-modified
Thu, 04 May 2023 13:11:36 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234526c2536cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7428
server
cloudflare
4bf41a72-9d1f-11ed-962a-731f98635eec.6456e853912fda7cde5a60abaa0ee692.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/4/bf/41a/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/4/bf/41a/4bf41a72-9d1f-11ed-962a-731f98635eec.6456e853912fda7cde5a60abaa0ee692.png?_dc=1683211417
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e62bc02cd5fca4b743c497a1b1b06096f90407e772e6acf00d6e0ec60970ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"6453c499-2ece"
age
2041611
cf-cache-status
HIT
expires
Tue, 25 Nov 2025 18:05:00 GMT
cf-polished
origFmt=png, origSize=11982
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/webp
content-disposition
inline; filename="4bf41a72-9d1f-11ed-962a-731f98635eec.webp"
vary
Accept
last-modified
Thu, 04 May 2023 14:43:37 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234526c2936cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7582
server
cloudflare
9c9fa7d8-b8cd-11ed-ba3d-87ef1421dbae.8083a260b84fef8ff1f0edeff4983fcf.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/9/c9/fa7/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/9/c9/fa7/9c9fa7d8-b8cd-11ed-ba3d-87ef1421dbae.8083a260b84fef8ff1f0edeff4983fcf.png?_dc=1686689943
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565f07e2f1e69f69195c5bf95d5668bb110a38683ae051202b3a6db87b7ed516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"6488d897-2d15"
age
186825
cf-cache-status
HIT
expires
Tue, 13 Jan 2026 23:18:55 GMT
cf-polished
origFmt=png, origSize=11541
date
Sat, 18 Jan 2025 23:00:59 GMT
content-type
image/webp
content-disposition
inline; filename="9c9fa7d8-b8cd-11ed-ba3d-87ef1421dbae.webp"
vary
Accept
last-modified
Tue, 13 Jun 2023 20:59:03 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234526c2b36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
7236
server
cloudflare
recaptcha__en.js
www.gstatic.com/recaptcha/releases/1Bq_oiMBd4XPUhKDwr0YL1Js/ 		545 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1Bq_oiMBd4XPUhKDwr0YL1Js/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
dc987654372c681461a1ab9e9835fc0006367829e3f0cdccee51081109d7868f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
age
416
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sun, 18 Jan 2026 22:54:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 22:54:04 GMT
last-modified
Mon, 13 Jan 2025 19:01:19 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
220257
x-xss-protection
0
server
sffe
2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v26/2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f3.1e100.net
Software
sffe /
Resource Hash
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://fonts.googleapis.com/

Response headers

age
294130
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 13:18:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 15 Jan 2025 13:18:49 GMT
last-modified
Thu, 27 Apr 2023 00:30:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37848
x-xss-protection
0
server
sffe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/ 		502 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
786b02488bab372487274f7f85a9e21d2c23275104bbfa811f9958208d22858a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
471207979459028366
age
238
x-content-type-options
nosniff
expires
Sun, 18 Jan 2026 22:57:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 18 Jan 2025 22:57:01 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
159605
x-xss-protection
0
server
cafe
678be95744445.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/c/c7/cc78f1d4-f290-56ed-af49-4fbfbe202298/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/c/c7/cc78f1d4-f290-56ed-af49-4fbfbe202298/678be95744445.image.jpg?crop=1763%2C1175%2C0%2C0&resize=540%2C360&order=crop%2Cresize
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdf9c60a89d13818f6a1cd744c71f31ef7c3e07b51ddf66b9f2dabe5ab32e0bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"674a71cccf0db4da118451a6f97fbb1f"
age
17504
cf-cache-status
HIT
expires
Sun, 18 Jan 2026 18:09:16 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=19561
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
image/webp
content-disposition
inline; filename="678be95744445.webp"
vary
Accept
last-modified
Sat, 18 Jan 2025 17:48:11 GMT
x-vcache
HIT
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234530cd436cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
16960
server
cloudflare
67896b5ae88b9.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/7/c1/7c15b348-e9b0-5322-9016-d80dae7e8d3f/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/7/c1/7c15b348-e9b0-5322-9016-d80dae7e8d3f/67896b5ae88b9.image.jpg?crop=1763%2C1175%2C0%2C0&resize=150%2C100&order=crop%2Cresize
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0a604180cac33aa88c7e3995c570bd2f63b860b74c3f6c795fb3e7a41a8d08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"ad27f8698d05dda8c0e868047d43b6ae"
age
29673
cf-cache-status
HIT
expires
Sun, 18 Jan 2026 13:12:35 GMT
cf-polished
degrade=85, origSize=4504, status=webp_bigger
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
image/jpeg
last-modified
Thu, 16 Jan 2025 20:26:06 GMT
vary
Accept-Encoding
x-vcache
HIT
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
904234530cd836cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
4499
server
cloudflare
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202501160101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202501160101/gpt
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
c5c0a2fc2af2da0bd368ce75fe3640564ef3f1c6e2a70e04bdf4a859c102e9a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
17983749015435242695
age
44
x-content-type-options
nosniff
expires
Sun, 19 Jan 2025 23:00:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 18 Jan 2025 23:00:16 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22813
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202501160101"
script
data-sales.ccgateway.net/data-sales-tag/v1/parent/4bf40680f5/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-sales.ccgateway.net/data-sales-tag/v1/parent/4bf40680f5/script?domain=www.thestar.com
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
e1664a77688777034a07c45a464393a7580d7c1493907a52a3964a5e6a2a32c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
4bf40680f5
pb-rtd.ccgateway.net/v1.0/realtime/ 		196 B
512 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-rtd.ccgateway.net/v1.0/realtime/4bf40680f5?profile_id=a009893d-7acf-46a0-a350-814b7fe0755d&url=https%253A%252F%252Fwww.thestar.com%252F&context=true&contextLimit=1000&audience=true&audienceLimit=1000&deal_ids=true&custom_taxonomy=true&customTaxonomyLimit=1000
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.27.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-27-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
afdf5fff446a3ee3e29812d8e65c68684ac84cead6f983f7a853693043f2d2b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=3600
etag
"196-b6e3877f"
access-control-allow-credentials
true
access-control-allow-origin
https://www.thestar.com
content-length
196
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/json; charset=utf-8
vary
Origin
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250118
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd456c061616e28d3c5c327d2f05afde8a3d9dd203d8d4396bd17dc2a4c0c313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"635-16GDuNK0kYP1avCro1ppGl1kgzU"
age
25210
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4582-YYZ
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
827
x-jsd-version
1.0.2305
fed
ups.analytics.yahoo.com/ups/58869/ 		391 B
795 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58869/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.thestar.com/&pixelId=58869
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.82.61 New York, United States, ASN14779 (YAHOO, US),
Reverse DNS
e2.ycpi.vip.nya.yahoo.com
Software
ATS /
Resource Hash
c0ec1675a7022073ed7762502520d3da56799f4484eb94f2bc602f5bf70a24fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000
age
0
access-control-allow-credentials
true
referrer-policy
no-referrer-when-downgrade
access-control-allow-origin
https://www.thestar.com
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
vary
Origin
server
ATS
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		0
0
18488-pbjs-floors.json
ads.rubiconproject.com/floors/ 		0
0
swg-button.css
news.google.com/swg/js/v1/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
sffe /
Resource Hash
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
age
1290
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:29:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 22:39:30 GMT
last-modified
Wed, 03 Jan 2024 21:19:17 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
5195
x-xss-protection
0
server
sffe
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
age
1979
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:18:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 22:28:01 GMT
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=3000
cross-origin-opener-policy
same-origin; report-to="news-frontend"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges
bytes
content-length
1049
x-xss-protection
0
server
sffe
serviceiframe
news.google.com/swg/ui/v1/ Frame B30F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1737241260245&publicationId=thestar.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f14.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-sKRD9uz611xUbuBYeGv_vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-sKRD9uz611xUbuBYeGv_vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Sat, 18 Jan 2025 23:01:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/swg/_/SubscribewithgoogleClientUi/web-reports?context=eJzjytDikmJw1JBicDa_xRT35xbTt0PPmH4AscTXl0waQOyUPoM1CIhbb55jnQrERmvPszoBcdK_86xFQGyocInVEYhVey6xmgJxkcQV1iYgdiy_wuoMxLmLr7LmA7EQD8eapxv2sAkcmHvzAaOSUVJ-YXxxaVJxclFmUmp5ZklGen5-ek5qck5mal5JcWpRWWpRvJGBkamBoaGpnoFhfIEBABCBRTE"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
country
api.btloader.com/ 		37 B
215 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5071905434894336
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
vary
Origin
rlink.js
cdn.btmessage.com/script/ 		48 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.btmessage.com/script/rlink.js?o=5071905434894336&bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d6624cced4fc50d398d759513b1475da2c29dca62572afa65859bea2950dbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=k8UKcw==, md5=c6RT6l1KL7KRZHNzf/pyJA==
cf-cache-status
HIT
etag
"73a453ea5d4a2fb2916473737ffa7224"
age
445
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1qgXtUqG78KFTgMesG10vVuLw2rMntvx4FDjqvPC1m4OuTpbnD0MwImKc3Ubck0WClpEt7HFBOseR%2B4kk7CtPRqokecYSHF9Jf050kL65GByFFasW3A0MUVNt%2FWCFJUTian"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Sat, 18 Jan 2025 22:58:38 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=21148&min_rtt=20367&rtt_var=3869&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3975&recv_bytes=2263&delivery_rate=193396&cwnd=253&unsent_bytes=0&cid=4974f6bf5fd9e857&ts=87&x=0"
x-goog-stored-content-length
49655
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
application/javascript
last-modified
Wed, 15 Jan 2025 20:23:54 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFIdbgQOe-mmt-SRq_jP3ih6sY95lJWctzK3PW3j3MW5V_vjo2WcmK-CMd5EiPHnOg9BKoOkikzGmgQ
cache-control
public, max-age=300, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
904234685a99a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1736972634540171
content-length
49655
server
cloudflare
58580620
fundingchoicesmessages.google.com/i/ 		193 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/58580620?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
6f8687d925bb6647a6657ab7ee4e3bc5b7008db6ac0222883f324b03021cba9b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EiM8Rxgng9YGHaa4XsTqnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NKQYpD4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxBX_brK2gTEtqzXWF2BWIiHY-3TDXvYBE6c_fmbSUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjUwNDQTM_ANL7AAACWDE1S"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EiM8Rxgng9YGHaa4XsTqnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=mJqFmux3BV-ik9HEIFJ-947ba5ef18&w=5166328627855360&o=5071905434894336&cv=2.1.71&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thestar.com%2F&sid=c67TT4LNC-NMYYsAnjn-947ba5ef18&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
vary
Origin
gtm.js
www.googletagmanager.com/ 		238 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He51g0v72758733za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c7c106355855a0cf4f67dc92698c788745ac22b3c5dd2e2ca851a9e73d323982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 18 Jan 2025 23:01:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Jan 2025 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83472
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		327 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He51g0v72758733za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
35f99ca63d206cd890629b5cac0a22859915fd89ed2effd533ff30bfe64d37cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 18 Jan 2025 23:01:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Jan 2025 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
93250
x-xss-protection
0
server
Google Tag Manager
data
bcp.crwdcntrl.net/6/ 		474 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17837/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.157.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-157-167.compute-1.amazonaws.com
Software
/
Resource Hash
8ca1ad69d89ef8dc52c67324f495bb2854e9d24ecbde26124a3ffaf97c583ac4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.thestar.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
474
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/json;charset=utf-8
x-server
10.40.55.11
v2
api.viafoura.co/v2/www.thestar.com/bootstrap/ 		8 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2?session=false
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.101.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-101-61.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b66f0a49c8aaa021de49b5fe360c3491c31cbaa666603e9d123471ad54c87836

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
cache-control
max-age=0
content-encoding
gzip
pragma
no-cache
x-instance-id
i-04b77ba4317bf4dcf
access-control-allow-credentials
true
expires
Sat, 18 Jan 2025 23:01:00 GMT
access-control-allow-origin
https://www.thestar.com
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
server
nginx/1.18.0 (Ubuntu)
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.thestar.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1811896783.1737241260&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&auid=971513764.1737241260&navt=n&npa=0&gtm=45He51g0v9101115636za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&tft=1737241260483&tfd=3724&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers
web-vitals.iife.js
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals/dist/web-vitals.iife.js
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
104.17.248.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age
1955165
x-content-type-options
nosniff
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JG3HRZ7TDZYAV9VCAJE4Y681-yyz
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
90423456ff2938e2-YYZ
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, s-maxage=600, max-age=60
location
/web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding
br
cf-cache-status
HIT
age
236
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
90423456aeb138e2-YYZ
access-control-allow-origin
*
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JHXT4NS3E9A4MSFDKNY65RBR-yyz
server
cloudflare
id
dpm.demdex.net/ 		387 B
929 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1737241260506
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.61.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-61-24.compute-1.amazonaws.com
Software
/
Resource Hash
7575018ef3568d7e0911862a8ff4e51589897133a1ecb53517ae9221389f0960
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-2-v068-09cf01398.edge-va6.demdex.com 5 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
thm8gsqBQHI=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://www.thestar.com
content-length
325
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json;charset=utf-8
vary
Origin
AppMeasurement.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/hostedLibFiles/EP8757b503532a44a68eee17773f6f10a0/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/hostedLibFiles/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"d8232f86c8016a8e0acaa7ecfdf72b3e"
x-amz-version-id
null
age
2127
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9oNmVht-ivcVkYY2As32uBni3j2olgksJDPrBSOb1W7j5JCz-wdErA==
date
Sat, 18 Jan 2025 22:25:33 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
AppMeasurement_Module_ActivityMap.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/hostedLibFiles/EP8757b503532a44a68eee17773f6f10a0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/hostedLibFiles/EP8757b503532a44a68eee17773f6f10a0/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"bb4b6453e3ab80111a2b227318d22efb"
x-amz-version-id
null
age
2127
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
QiwbJYCsYPEanavF39xyAO3RM1K9J632YwPCRu9zQsp_tiBV_KKxyg==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
marfeel-sdk.js
sdk.mrf.io/statics/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c169d3a6b25c23bc8f59de150ffa813355f27ef131efe35560c0699716522650

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.thestar.com
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
229
x-response-time
1ms
alt-svc
h3=":443"; ma=86400
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 18 Jan 2025 22:57:12 GMT
vary
Accept-Encoding
cache-control
max-age=1800
x-envoy-upstream-service-time
7
cf-ray
9042345d198faac2-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
47389
server
cloudflare
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/93108f94-c2ee-4a3a-a287-26652cd33617/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad-wrapper.privacymanager.io/93108f94-c2ee-4a3a-a287-26652cd33617/launchpad-liveramp.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-44.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1acbc8079d6671190c9379224c2c98817a15f067a7cd037d654ce33597929d1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-amz-version-id
VYWTPu1YfPoKjtyR0qUADkpF..yOqZRj
etag
W/"bc3a3094e54ad8ff47c94344de4e1ffb"
age
50265
x-cache
Hit from cloudfront
x-amz-cf-id
iH2SVbCJi02RUmuJmO1uQrzsVjOkiM-D7bbWELrWEkjfTTE83RfShQ==
date
Sat, 18 Jan 2025 09:03:18 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Wed, 09 Oct 2024 14:15:48 GMT
content-disposition
attachment; filename="launchpad-liveramp.js"
x-amz-replication-status
COMPLETED
via
1.1 67d3f8867c3d6540e7495f9026c9c57a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
sw_iframe.html
www.googletagmanager.com/static/service_worker/51g0/ Frame 4280 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/51g0/sw_iframe.html?origin=https%3A%2F%2Fwww.thestar.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
195036
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jan 2025 16:50:25 GMT
expires
Fri, 16 Jan 2026 16:50:25 GMT
last-modified
Thu, 16 Jan 2025 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		409 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d28059c72651b9cf1aea80d6192d604a152fe8673ad7efa57d0edb3688697b60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 18 Jan 2025 23:01:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135955
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		406 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
da6b4290167c5703f8318b1044225ea15738903d2a77c9180fd6b2a2c922d1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 18 Jan 2025 23:01:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135381
x-xss-protection
0
server
Google Tag Manager
RCfabf27e891864c0fbcca13eb261f5bcd-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		440 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCfabf27e891864c0fbcca13eb261f5bcd-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f35a2f428025cb879006767f73dae220984f31ec77698a3deb16ae9b69c9db7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"0c61c23ebe20d4e102ced2de874c752e"
age
2127
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
440
x-amz-cf-id
C72kcAMK8DnTeeM2XyfZYtbk_FR0nokgNLVmTa6NTPpHws3AS6UIUw==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
678a70739765a.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/6/47/64738b70-8207-5138-bcd5-ec6a44098e54/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/6/47/64738b70-8207-5138-bcd5-ec6a44098e54/678a70739765a.image.jpg?crop=1280%2C853%2C0%2C0&resize=400%2C267&order=crop%2Cresize
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f6bc74a3fbcaddd22ce0a79035243b6558c7348ed3c82866810d9d947dc566d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"b5891bc7af3137f6625b054c7200c8f0"
age
87557
cf-cache-status
HIT
expires
Sat, 17 Jan 2026 22:40:52 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=13508
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
image/webp
content-disposition
inline; filename="678a70739765a.webp"
vary
Accept
last-modified
Fri, 17 Jan 2025 15:00:04 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423456e9dd36cb-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
8392
server
cloudflare
678adbc9e3b84.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/4/81/48174362-ff10-5e36-aecb-f61036708dfc/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/4/81/48174362-ff10-5e36-aecb-f61036708dfc/678adbc9e3b84.image.jpg?crop=1763%2C1175%2C0%2C0&resize=150%2C100&order=crop%2Cresize
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d8a8893022dc8710d7405d4428ffa913dc9baab39c95661eacdfafd596da1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
cf-bgj
imgq:85,h2pri
etag
"036d563ce9c9394d6e21d8b32d723cc3"
age
79851
cf-cache-status
HIT
expires
Sat, 17 Jan 2026 23:35:19 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=3068
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
image/webp
content-disposition
inline; filename="678adbc9e3b84.webp"
vary
Accept
last-modified
Fri, 17 Jan 2025 22:38:05 GMT
x-vcache
MISS
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
90423456e9e136cb-YYZ
access-control-allow-origin
*
server
cloudflare
location
privacy-location-edge.ccgateway.net/privacy/ 		5 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy-location-edge.ccgateway.net/privacy/location
Requested by
Host: data-sales.ccgateway.net
URL: https://data-sales.ccgateway.net/data-sales-tag/v1/parent/4bf40680f5/script?domain=www.thestar.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-212-140-196.compute-1.amazonaws.com
Software
/
Resource Hash
1c55d9b826e8dfa994370e306ae8dc2e849f3e003381dc848a0b95f782c0c0e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
access-control-allow-credentials
true
ingest
i.viafoura.co/v3/www.thestar.com/ 		67 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.viafoura.co/v3/www.thestar.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1737241260%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%22e0ca42b6-4b63-4959-8e22-99c0cd5edecb%22%2C%22firstVisit%22%3A1737241260%2C%22previousVisit%22%3A1737241260%2C%22currentVisit%22%3A1737241260%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1737241260%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22section%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageImage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fthestar.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2Ff84403b8-7d76-11ee-9d02-a72a4951957f.png%3Fresize%3D600%252C600%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22title%22%3A%22Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22section%22%2C%22page_description%22%3A%22thestar.com%20is%20Canada%E2%80%99s%20largest%20online%20news%20site.%20Live%20news%2C%20investigations%2C%20politics%2C%20sports%20and%20the%20heartbeat%20of%20Toronto%2C%20Canada%27s%20largest%20city.%22%2C%22topics%22%3A%5B%22toronto%20star%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22en-CA%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22596d1dc4-292f-45a2-9bab-2ba4872d6fc2%22%2C%22w%22%3A%5B%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.41.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-41-108.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
67
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
image/png
/
www.thestar.com/tncms/csrf/token/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thestar.com/tncms/csrf/token/
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/shared-content/art/tncms/api/csrf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-robots-tag
noarchive
content-encoding
gzip
age
0
x-content-type-options
nosniff
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
text/html; charset=UTF-8
vary
X-IPCountry, Accept-Encoding
x-frame-options
SAMEORIGIN
x-vcache
MISS
strict-transport-security
max-age=31536000
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms
1.84.3; app15; 0.01s; 2M
content-security-policy
upgrade-insecure-requests
cache-control
private, no-cache, no-store, max-age=0
x-loop
1
referrer-policy
strict-origin-when-cross-origin
content-length
20
x-xss-protection
1; mode=block
page_load
pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.40.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-40-149.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.thestar.com
access-control-max-age
86400
date
Sat, 18 Jan 2025 23:01:01 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
page_load
pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/ 		59 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/page_load
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.27.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-27-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
80fc399aaa4b6b07bafe4172e9d61b4d8ee99375ad8d93baf1a4079068bf2a8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
https://www.thestar.com
content-length
59
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
js
www.googletagmanager.com/gtag/ 		315 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He51g0v861227858za200zb72758733
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He51g0v72758733za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d099df5c26f40dda64e93e09c8ae6c37a4de4ee36fabb10e3c40b7274b982c88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 18 Jan 2025 23:01:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:00 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108896
x-xss-protection
0
server
Google Tag Manager
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
cknvhRie0d.5LSRvFhB35AONaxh2m0FR
etag
W/"ca62e8a5580d4550920a84f5b7875661"
age
76
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
KSG5Eys8cGAmu4G5QMRfJooDVudgYZ-9_uxb15rODKtYt4N3cJdCpA==
date
Sat, 18 Jan 2025 22:59:52 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Tue, 19 Nov 2024 19:35:36 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=45je51g0v887944298z89101115636za200zb9101115636&_p=1737241259646&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102067555~102067808~102081485~102123607&cid=1196127677.1737241261&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1737241260&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Logged_In_Status=&ep.Asset_Alias=&ep.Source=web&ep.Primary_Category=home&ep.Author=&ep.Published_Date=&ep.User_Agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&ep.Owner=thestar.com&ep.Primary_Publication=&ep.Asset_Id=&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=4185
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
554 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=1196127677.1737241261&gtm=45je51g0v887944298z89101115636za200zb9101115636&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067555~102067808~102081485~102123607
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:04 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame D584 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-B4CQN4KW3R&gacid=1196127677.1737241261&gtm=45je51g0v887944298z89101115636za200zb9101115636&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102067555~102067808~102081485~102123607&z=1428595989
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=1196127677.1737241261&gtm=45je51g0v887944298z89101115636za200zb9101115636&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067555~102067808~102081485~102123607&tag_exp=102067555~102067808~102081485~102123607&z=419251652
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Jan 2025 23:01:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 3E48 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=17837
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/17837/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
10829
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Sat, 18 Jan 2025 20:00:34 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 f7c13eeb01f01c4623bb4e70dbaa731a.cloudfront.net (CloudFront)
x-amz-cf-id
frSJSUVN5jNWpg01gTjjkcturQS87dSOCeanBYCrWS3L-XyIL5PpHA==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je51g0v873043922z89101115636za200zb9101115636&_p=1737241259646&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102067555~102067808~102081485~102123607&cid=1196127677.1737241261&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1737241261&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Logged_In_Status=&ep.Asset_Alias=&ep.Source=web&ep.Primary_Category=home&ep.Author=&ep.Published_Date=&ep.User_Agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&ep.Owner=thestar.com&ep.Primary_Publication=&ep.Asset_Id=&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=4328
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=1196127677.1737241261&gtm=45je51g0v873043922z89101115636za200zb9101115636&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067555~102067808~102081485~102123607
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:04 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 0E24 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-6FZFMVVWVN&gacid=1196127677.1737241261&gtm=45je51g0v873043922z89101115636za200zb9101115636&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102067555~102067808~102081485~102123607&z=453183251
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=1196127677.1737241261&gtm=45je51g0v873043922z89101115636za200zb9101115636&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067555~102067808~102081485~102123607&tag_exp=102067555~102067808~102081485~102123607&z=357195818
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Jan 2025 23:01:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
RCd5dc177bda3247d493056b9f1b2aface-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCd5dc177bda3247d493056b9f1b2aface-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08bddb345fbb206ae18737b85957ce6fde0275e100c9ac8b9a0c270c57878cc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"1e8fb6d60e967dd7dadfaa8654325db5"
x-amz-version-id
null
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
SUOXWWA6_VkB0doF5RfGMkF71kko6Gs2_Xcxopx12ac4OzF3zInQiA==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RCe2e339dc11bd49eebe31ad2acf439213-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		1 KB
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCe2e339dc11bd49eebe31ad2acf439213-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
583e5e1ebb1591083586c7dd106ec0c6798320ba1c4b36962734cfcf195834f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"b51a32f10d02ad49f0077a88980171b1"
x-amz-version-id
null
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
UXWFUKk0bjGbwY-5ot5PbkvLcNvZpq2xlZ1zVSwsrc8gYapLIhZfvg==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RCfd82edb550d64a49a3ca6bf81e513747-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		1 KB
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCfd82edb550d64a49a3ca6bf81e513747-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28cfad2dc8117f83a905851a4d80e43210a89cab2d4bd18a32e8e999ba0c1df3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"bebb0a44b2efe4481f2d6fa2ccae77de"
x-amz-version-id
null
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
8sPDc6GYUfPDVel2MEO0qIqq0K2x-5Fa4v1bUw3RrRRU_qHS2bzLvw==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RC8ff6550501a14f61a7c3dcc73cf531d4-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		1002 B
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RC8ff6550501a14f61a7c3dcc73cf531d4-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84abd876d13a988990a568311363114bc8bc52813bee1a8ab45e615409432a89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"403756195937fac5537c98c1af4201b3"
x-amz-version-id
null
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9g_eeDs8_TpPTwydNWaFy9_Qq_wixkSnFhMgVd7ccqrU2tjmSDQRoA==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RCddae8ef3b82c41dba54c15d98935de16-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		962 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCddae8ef3b82c41dba54c15d98935de16-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1addf4c1b62b1bc6e4b9eea07f1eeaf3cca74166a3737b78dda844ef141c0d44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"a478880bd51466545f1aa319a78d16ff"
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
962
x-amz-cf-id
TvGbONuGVbIb8zblD0IVsN9g1RGew1f5c8xX5f87-MC_KFSriL_RLg==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RCd6da8270889c499c84fa78aef20d0a31-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		1 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCd6da8270889c499c84fa78aef20d0a31-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54368aa22482b41807f2c84651331995adf09c2963f675e8c3efe0f8f0bd57a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"e80ea559871c67e966583f46b7549d9b"
x-amz-version-id
null
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
aNIBjpuHn6hPiLP76BYiePZF1PYMXc_dyt49Nf4j7IuW0dn7C4yatg==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RCa82a6d766eda4042b70753b684ac6b02-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		965 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCa82a6d766eda4042b70753b684ac6b02-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16f5ba4827c52a2ce5405e01a79fd2ffe3dbcd01305c955072b12c0bc62c826b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"07134c9261ca79008a924b45140dc909"
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
965
x-amz-cf-id
CJQMzZcIInPCfS8CSqE0q9PvoSyn_s_5rvSkpHaA2esgdhdT_yXJ1A==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RC71425c174f724c788b24c6a422e2dc29-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		953 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RC71425c174f724c788b24c6a422e2dc29-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1131cb5ddea5c1f63e3a2dd6fcd792a7b524b83792f05a22ca9dbf853f8fb5ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"b212265b80a3f4997612e69c1cf41a0a"
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
953
x-amz-cf-id
5_kdEEcLopuOLNnegckgnf4H3nu-ubJUGZsm7ylsRYaqIugl_9DPWg==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RC2c634b7515d54c9ea49bbb12e3856393-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		976 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RC2c634b7515d54c9ea49bbb12e3856393-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5120cc81a49d97d9062a1d625e5b6afe198152ec2c9bb293f60e082cbc5f956

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"076062250e6f6ae953c107e1ae94aa06"
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
976
x-amz-cf-id
EYWd3oToo6_FrchYI-2Wnd-kkdXWqQeFVY3ioifPjiNkkKrf7YPzoA==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je51g0v887101457z8861227858za200zb861227858&_p=1737241259646&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102067555~102067808~102081485~102123608&cid=1196127677.1737241261&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&dl=https%3A%2F%2Fwww.thestar.com%2F&sid=1737241261&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.thestar.com%2F&epn.townnews_crm_group_id=848&ep.generator=BLOX&ep.generator_version=1.84.3&tfd=4495
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He51g0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1196127677.1737241261&gtm=45je51g0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067555~102067808~102081485~102123608
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He51g0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:04 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 1507 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-4T2EB147B8&gacid=1196127677.1737241261&gtm=45je51g0v887101457z8861227858za200zb861227858&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=102067555~102067808~102081485~102123608&z=1835992748
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He51g0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=1196127677.1737241261&gtm=45je51g0v887101457z8861227858za200zb861227858&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102067555~102067808~102081485~102123608&tag_exp=102067555~102067808~102081485~102123608&z=1751833263
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Jan 2025 23:01:01 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
anchor
www.google.com/recaptcha/api2/ Frame 578A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=en&v=1Bq_oiMBd4XPUhKDwr0YL1Js&size=invisible&cb=lfd5rlm54nrd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1Bq_oiMBd4XPUhKDwr0YL1Js/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NyJTTPc3hLpPOc6UTUHy9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NyJTTPc3hLpPOc6UTUHy9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		240 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-PxIpAn4H' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-PxIpAn4H' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4514, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
l+00ttWszltijSNJR8jw0oOzaPswxkxa3dJTffds5bk9OMWtiCXEM86lqUZ3fqqPbZgIXSzzYnGaA9Oljf5rHw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62391
x-xss-protection
0
origin-agent-cluster
?1
js
www.googletagmanager.com/gtag/ 		299 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
60e592c027c5614d4585de2092e7e245a67b8fb24319525e8049135e718910d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 18 Jan 2025 23:01:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Jan 2025 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104279
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		299 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c&gtm=45He51g0v72758733za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5719fa7516053f4eaafac95cef801f464b9ba4136c35b8f7e4fa2c45fe3fdf29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 18 Jan 2025 23:01:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Jan 2025 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104281
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14475035
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
08dd90a980405bc559f3df814a8bbec46f32f0deb9289e2c72ea156d8528fab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 18 Jan 2025 23:01:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Jan 2025 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
86685
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-14475035&l=dataLayer&cx=c&gtm=45He51g0v72758733za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f30cd20987aaa1752003518fa1056969436cd06997c9d923d1e83bc1c80d000f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 18 Jan 2025 23:01:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 18 Jan 2025 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
86682
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.44.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Sat, 18 Jan 2025 23:01:01 GMT
x-tw-cdn
FT
last-modified
Mon, 28 Oct 2024 20:49:35 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kcgs7200053-IAD, cache-nyc-kteb1890057-NYC
x-amz-server-side-encryption
AES256
pixel.js
www.redditstatic.com/ads/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
93537d697045b80412468583455a9bbddde790f26b7e5d32478b4670bef2f9d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"0b34fe09a9e5f616c77c9c2d44ad656e"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
13723
date
Sat, 18 Jan 2025 23:01:01 GMT
last-modified
Wed, 15 Jan 2025 19:41:09 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.90.113 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-57-90-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8273304fd0142c815d16b78e336b373d5446fcc4a06167972d581721209fc3ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=73551
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
9404
date
Sat, 18 Jan 2025 23:01:02 GMT
last-modified
Wed, 15 Jan 2025 09:45:44 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B0E8A7CED8C945B0B04E7F04EB40F7EE Ref B: YTO01EDGE0708 Ref C: 2025-01-18T23:01:02Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46811578437caf8eac61ac10112c43b46ede17063b29ac96b866c7027b6fd1d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
cache-control
max-age=7200
access-control-expose-headers
X-CDN
content-encoding
br
etag
"11c76370dfab0397b8a31fe800363638"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
1863
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
126773.ct.js
tag.rmp.rakuten.com/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/126773.ct.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
97cdc95ae752a7e56eceff8344e7d9c090fe1e89429f8dbee37ef7901b7bf582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=86400
content-encoding
gzip
x-samesite
secure
via
1.1 google
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache
hit
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/javascript
last-modified
Sat, 18 Jan 2025 23:01:03 GMT
RCf2c14cdd7de9496fa713b68f7d79a993-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		329 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCf2c14cdd7de9496fa713b68f7d79a993-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ef6df13f769714a1570f6745de205d19abaa548bd7e7aa6f369322daaf7fd47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"43fca91af382fd19de54d79ba13999ed"
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
329
x-amz-cf-id
joYxmy0TJR5Lnk0Eg2eHomo7q_B8_UGZ2JGVNrN763BiGRIH5vdwSA==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
prebid
ib.adnxs.com/ut/v3/ 		47 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.153 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
10e1056fe1235ef6cdb31e22fc2cdc7de7db3e7f51437a426018e276d3edcc07
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
178.249.214.139; 178.249.214.139; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://www.thestar.com
an-x-request-uuid
599c5744-fb06-4c34-9789-f12003027aeb
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 18 Jan 2025 23:01:01 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
bid
ap.lijit.com/rtb/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_9.25.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.84.241.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-241-218.compute-1.amazonaws.com
Software
/
Resource Hash
0769bd4bb8f36e4ffe4397f1db959f327d872aa3ebec7b662c9deae2f4d391f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
https://www.thestar.com
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With, Content-Type
prebidjs
rtb.openx.net/openrtbb/ 		53 B
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ff767a6bcc2156ffc4c7000b986252739b50f97136912100ef45f91e69b1a2ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-forwarded-for
178.249.214.139
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://www.thestar.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
text/plain
vary
Origin
translator
hbopenbid.pubmatic.com/ 		8 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c92c0f0212bf6efc3a0c014766a9161a48a3b2879522ec3050fac8e86ce39073

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://www.thestar.com
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
pbjs
htlb.casalemedia.com/openrtb/ 		51 KB
22 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1098284
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c77debead0875fb2f990d8799a5649e9d17d9d1d04f93ec2a782c06a6b94661

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58XShljlMiAti8RGT9v%2BcwERsMFx7tEuIMLVz6jkdaIqd3%2Fp02pYTI3Q%2F8W%2BI8pe1AANvT7qWK2MRXs6Fqt9cDSGMy8GznrCwu3bW%2BkRETg8J1AtmkrnsTWmcxSzP9yRLcFOybtT"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
9042345da99d39e7-YYZ
access-control-allow-origin
https://www.thestar.com
server
cloudflare
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18488&site_id=508756&zone_id=3038504&size_id=15%3B57%3B15&alt_size_ids=2%2C10%2C43%2C57%3B%3B10&eid_pubcid.org=b6580d56-790e-48e5-a84a-5cbf8532a4ad%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fwww.thestar.com%2F&kw=torontostar&tg_i.domain=thestar.com&tg_i.page=https%3A%2F%2Fwww.thestar.com%2F&tg_i.aupname=58580620%2Fthestar.com%2Fhomepage&tg_i.pbadslot=%2F58580620%2Fthestar.com%2Fhomepage%23ad-2827029%3B%2F58580620%2Fthestar.com%2Fhomepage%23ad-3489852%3B%2F58580620%2Fthestar.com%2Fhomepage%23ad-2827005&tk_flint=dmpbjs_v9.25.0&x_source.tid=f982535d-36a3-45d0-a68e-eb5933da2580&l_pb_bid_id=23136f0093e7f0b%3B248afd4f2d9caca%3B257df811c8d4253&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1a6d74cb-7ff8-439e-b809-4f5dca9c86f0%3B72f8aa73-e212-4f5e-ab76-99a8913bb1fb%3B678a5e2b-a72e-42aa-aac5-ed0f086f1bca&rp_maxbids=1&p_gpid=%2F58580620%2Fthestar.com%2Fhomepage%23ad-2827029%3B%2F58580620%2Fthestar.com%2Fhomepage%23ad-3489852%3B%2F58580620%2Fthestar.com%2Fhomepage%23ad-2827005&m_ch_mobile=%3F0&slots=3&rand=0.3007263386279324
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.10 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
cb99aa845ebc533d9160813becfcf72cbfb1f8ef33f096a99db55ab6daf4015b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.thestar.com
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
v1
btlr.sharethrough.com/universal/ 		587 B
736 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.206.254.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-254-236.compute-1.amazonaws.com
Software
/
Resource Hash
8dc5efb54fd57b45f42c88690d9e007d839b2751c9d7aaff034e19b26987da0a
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.thestar.com
content-encoding
gzip
content-length
375
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		538 B
686 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.206.254.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-254-236.compute-1.amazonaws.com
Software
/
Resource Hash
97b3832a6eb1cc03df88d970466188387eb192bfadabd72adc36cd6fb237048f
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.thestar.com
content-encoding
gzip
content-length
324
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		750 B
794 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.206.254.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-254-236.compute-1.amazonaws.com
Software
/
Resource Hash
7e75b62929644e2ad00bb6a69ef43ae7c6688526060ab8518419c138fd8b3fa8
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.thestar.com/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://www.thestar.com
content-encoding
gzip
content-length
433
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
RC67e014ce3c44401b9b05a0c0419e925b-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RC67e014ce3c44401b9b05a0c0419e925b-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6992ca8fd9b3c2c4380b25aa27485fdb777261e0faa02853634660dab37c3a4d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"fcbe8538b5f8fce00682d6de4370b23e"
x-amz-version-id
null
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
uNo3rd1bQ1HDcO4yfTUUY19JXLVk7HPQ9wDWtZwAqfwHT0LCWkWVug==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RC37fc8d68565e427dabd1a57deea1e782-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		664 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RC37fc8d68565e427dabd1a57deea1e782-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f949e43a1f1b3513e2f44de12b2814e465d995adf31c6e7f141dcfe7c0ae3b10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"d1bbe5503980f2b4f63331f6ca07d424"
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
664
x-amz-cf-id
k-5OueiYduTpZizVlcdWE7iqYCBwvorBXXuTjjWKV5iX5yy19c9ilw==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RC988517bad150486190cbf5fdd5474710-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		762 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RC988517bad150486190cbf5fdd5474710-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6889e33f0a93ee80afb0ff3456bdbb5c65da93e9ab1a7950317553e9008c93ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"22b5607eb816e0088d0d085fcb6f87de"
age
2128
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
762
x-amz-cf-id
c_4jFAEJxaXVswsdTbG5mDy03ETImocnsLFZKTsx_Khm_uMdlvoiHw==
date
Sat, 18 Jan 2025 22:25:34 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
activityi;dc_pre=CMf_wYKwgIsDFddiRwEd2N0UmQ;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0...
14475035.fls.doubleclick.net/ Frame 31E6
Redirect Chain
  • https://14475035.fls.doubleclick.net/activityi;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
  • https://14475035.fls.doubleclick.net/activityi;dc_pre=CMf_wYKwgIsDFddiRwEd2N0UmQ;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://14475035.fls.doubleclick.net/activityi;dc_pre=CMf_wYKwgIsDFddiRwEd2N0UmQ;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14475035
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.166 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
692
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:02 GMT
expires
Sat, 18 Jan 2025 23:01:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://14475035.fls.doubleclick.net/activityi;dc_pre=CMf_wYKwgIsDFddiRwEd2N0UmQ;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45...
td.doubleclick.net/td/fls/rul/ Frame 3984 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14475035
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1824
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;...
ad.doubleclick.net/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=14475035;type=invme0;cat=rp-to0;ord=2127607689715;npa=0;auiddc=971513764.1737241260;ps=1;pcor=761166528;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe51g0v9190903233za200zb72758733;gcd=13l3l3l3l1l1;dma=0;tag_exp=102067555~102067808~102081485~102123608;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F?
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Jan 2025 23:01:01 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"10352605765748014086"}],"aggregatable_trigger_data":[{"filters":[{"14":["100557576"]}],"key_piece":"0xea1a52dcab117431","source_keys":["12","13","14","15","16","17","18","19","20","21","22948992","22948993","22948994","22948995","642008900","642008901","642008902","642008903"]},{"key_piece":"0x7d8a664731a090e2","not_filters":{"14":["100557576"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22948992","22948993","22948994","22948995","642008900","642008901","642008902","642008903"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22948992":32,"22948993":32,"22948994":32,"22948995":3177,"642008900":32,"642008901":32,"642008902":32,"642008903":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"12957317083888609954","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10352605765748014086","filters":[{"14":["100557576"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10352605765748014086","filters":[{"14":["100557576"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10352605765748014086","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10352605765748014086","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14475035"]}}
content-type
image/png
x-xss-protection
0
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1737241261586&cv=11&fst=1737241261586&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867836103za200zb72758733&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&hn=www.googleadservices.com&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&npa=0&pscdl=noapi&auid=971513764.1737241260&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
8467f50f69b4ba13d832818e723265e1c3b84a84c4922ee04038ec9afb2536af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2291
date
Sat, 18 Jan 2025 23:01:02 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
698108511
td.doubleclick.net/td/rul/ Frame D2E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/698108511?random=1737241261586&cv=11&fst=1737241261586&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867836103za200zb72758733&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&hn=www.googleadservices.com&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&npa=0&pscdl=noapi&auid=971513764.1737241260&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
1521
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
ots.webtrends-optimize.com/ots/ots/js-5.0/2547823/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ots.webtrends-optimize.com/ots/ots/js-5.0/2547823/
Requested by
Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/common/js/5.8/wt_lib.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.4.53 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b859f5a4a3a38dc9c24cc1a91ea0d5d042233a0d1317825cd57d61a66a4d8047

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

access-control-allow-method
POST,OPTIONS
cache-control
no-cache
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
p3p
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
content-length
4080
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
Apache-Coyote/1.1
access-control-allow-headers
Content-Type
adsct
t.co/1/i/ 		43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=9bed9a1c-d449-450a-97e0-f4e47963d0b0&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=51d9cc7d-17a5-49d8-94c3-c615c18f8d14&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.31
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
23b70817c01030e9
cache-control
no-cache, no-store, max-age=0
x-connection-hash
f104ccb07be942c834ad767adc5cfcc54ce34358bfcd20d23ab26296d9d83a66
cf-cache-status
DYNAMIC
cf-ray
9042346299baaca2-YYZ
x-response-time
85
content-length
43
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/ 		43 B
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=9bed9a1c-d449-450a-97e0-f4e47963d0b0&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=51d9cc7d-17a5-49d8-94c3-c615c18f8d14&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.31
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
386797fb79d1ded7
cache-control
no-cache, no-store, max-age=0
x-connection-hash
ec56ed1103c05f98c5b7a4f107228c870deeb4f3076a7fe725d7a4ebc85d4f25
x-response-time
5
content-length
43
date
Sat, 18 Jan 2025 23:01:01 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
549886031832745
connect.facebook.net/signals/config/ 		312 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/549886031832745?v=2.9.180&r=stable&domain=www.thestar.com&hme=1b2b48fb279bc2e2881583cc2153b57f55e340ed882b2c5394167c8bc992d930&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C174%2C177%2C189%2C185%2C186%2C188%2C29%2C101%2C53%2C77%2C187%2C169%2C172%2C182%2C183%2C190%2C132%2C41%2C192%2C193%2C34%2C144%2C15%2C50%2C198%2C197%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C170%2C173%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
df37f88dc6f728b0ff765fa8d1c5c5f77cf6e3a3ad79bcd5857868ca79b72513
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-2rpHKER2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-2rpHKER2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=14, c=41, mss=1232, tbw=86938, tp=77, tpl=14, uplat=0, ullat=-1
pragma
public
x-fb-debug
5vE9cjTw2iKNZyXD8eShvptS3Vo09I5rUtMT1ShSFhJNq7SDUn1+FRClIN4NB2gBpHveob7prsDRd0KzYQZRSg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
97000
x-xss-protection
0
origin-agent-cluster
?1
RC782a98d36b3941e4b16887b9f506418a-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		818 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RC782a98d36b3941e4b16887b9f506418a-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a763b1639866a667823fe1023625402e89864de240577166582f4f1d9578ace

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"47101397b47036158d4332fa26eecb05"
age
2127
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
818
x-amz-cf-id
rM0hn_R6-zkeA2XCCy-ABOyyMU9VZuSnAZ4-xXwmpCOGB1gi5t-m4g==
date
Sat, 18 Jan 2025 22:25:35 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
config
pixel-config.reddit.com/pixels/t2_kcsr8bo/ 		3 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-config.reddit.com/pixels/t2_kcsr8bo/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
t2_kcsr8bo_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_kcsr8bo_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Sat, 18 Jan 2025 23:01:01 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1737241261828&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=2c87268c-0e1a-4c5e-a12e-3c85f730a24d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_07ec61e1&autoEmailEnabled=0&dpm=&dpcc=&dprc=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
image/gif
server
Varnish
RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		621 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29896fec740d6d70a1aac6e2769dc76de4bebc52ac27b9977610d68300e14057

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"bf38bf62a962a1d0a6adecc7a1fd7b1e"
age
2139
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
621
x-amz-cf-id
ioGTp13mueMYZJjrEXVxSPUySP-Rdw2r2DUZdk4RbXtWSXo3Tj4Q0A==
date
Sat, 18 Jan 2025 22:25:23 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:25 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
RCbe1261cdf76b4951b3d13e586f89f534-source.min.js
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/ 		746 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/9a8a4527237c/RCbe1261cdf76b4951b3d13e586f89f534-source.min.js
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.102.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-102-4.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
240a7b1d38c6ed1e9778fda561ad0b940988854a86971f5e80cbc637642dc545

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
null
etag
"b3d8f297ad811a42bc997951bc6463a0"
age
2139
via
1.1 b8f0ff2969e7ec30e68b72cac77780e8.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
746
x-amz-cf-id
O6Yvc3IVFrzFFBU6pt268cqb0n7NQnycjjxV46Scpiwwmg109dOVEQ==
date
Sat, 18 Jan 2025 22:25:23 GMT
content-type
application/javascript
last-modified
Sat, 18 Jan 2025 22:23:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P6
x-amz-server-side-encryption
AES256
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3926bdd1b4d5a60dad7e1b0402a6c24b4a0f252f661ed6b16cfe86a4b48a1b58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
sj79M3z5wKPLJDbEmZatD0Ieck8DAJpo
etag
W/"64f80abcdc3320c61105d672e422e4c8"
age
8425
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
Y-G_lWaBYRxIGwnpA-jrJmL3KIPi-aVW10QHuaU8Nw1HibtMLXUQ7g==
date
Sat, 18 Jan 2025 20:40:38 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Tue, 14 Jan 2025 12:55:01 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
dest5.html
torontostarnewspaperslimited.demdex.net/ Frame 0ABB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Requested by
Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.23.22.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-22-141.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 18 Jan 2025 23:01:02 GMT
dcs
dcs-prod-va6-1-v068-0a9d1dce8.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 16 Jan 2025 20:02:36 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
+hT5sA6YQ8Y=
id
s.thestar.com/ 		0
0
ibs:dpid=411&dpuuid=Z4wyrgAAAHNQGwN2
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=42541773480856299834205884727343254339
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4wyrgAAAHNQGwN2
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4wyrgAAAHNQGwN2
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
3.223.61.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-61-24.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-va6-2-v068-03842a145.edge-va6.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
WM4fWqd1S6M=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z4wyrgAAAHNQGwN2
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Sat, 18 Jan 2025 23:01:02 GMT
Connection
keep-alive
Server
AMO-cookiemap/1.1
78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf
pixel.thestar.com/events/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.thestar.com/events/78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.180&r=stable&domain=www.thestar.com&hme=1b2b48fb279bc2e2881583cc2153b57f55e340ed882b2c5394167c8bc992d930&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C174%2C177%2C189%2C185%2C186%2C188%2C29%2C101%2C53%2C77%2C187%2C169%2C172%2C182%2C183%2C190%2C132%2C41%2C192%2C193%2C34%2C144%2C15%2C50%2C198%2C197%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C170%2C173%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.33.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-33-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
https://www.thestar.com
content-length
0
date
Sat, 18 Jan 2025 23:01:05 GMT
vary
origin
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F&rl=&if=false&ts=1737241261978&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1737241261974.882626428957987266&eid=ob3_plugin-set_e027b80288a7ef55265dcda2bf10374547183cc31c546b9825ce15948882c3b3&cs_est=true&ler=empty&cdl=API_unavailable&it=1737241261774&coo=false&rqm=GET
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=1, c=7, mss=1316, tbw=2972, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F&rl=&if=false&ts=1737241261978&sw=1600&sh=1200&v=2.9.180&r=stable&ec=0&o=4126&fbp=fb.1.1737241261974.882626428957987266&eid=ob3_plugin-set_e027b80288a7ef55265dcda2bf10374547183cc31c546b9825ce15948882c3b3&cs_est=true&ler=empty&cdl=API_unavailable&it=1737241261774&coo=false&rqm=FGET
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7461394406524368037"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xf35c5d3012c1ad91","source_keys":["1"]}],"aggregatable_values":{"1":10922},"aggregatable_source_registration_time":"exclude","filters":{"3":["884129105019052"]},"debug_reporting":true,"debug_key":"3507843154574516917"}
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
TG9xaolc8abkTNBtewsVBlSTI5rxZ0VY1XkYeOav465paRVYiATjUjp6+u8MO+3SfrN1BJa9hz8AZFeKpHx1lg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7461394406524368037", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=2, c=1, mss=1316, tbw=3289, tp=-1, tpl=-1, uplat=61, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
beacon.js
sb.scorecardresearch.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-111.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"c22322b3d030360971584a98c60b6e0b"
age
28376
via
1.1 78a5d96d9c348edf8a3fca2ba77f8e64.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
j5oUT_1dvupccB-08CL_Vhll0e1yGsZxmS3xvxOlbX1xKZ1e7m_G9Q==
date
Sat, 18 Jan 2025 15:08:07 GMT
content-type
text/javascript
last-modified
Mon, 16 Dec 2024 11:22:14 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
x-amz-server-side-encryption
AES256
AGSKWxUp8A3PmG7XAHCf2Lk6Ptmy4CxZePqyxrRd59FLYJ72hq24izfG6_UPZqIASyIks-GUK4geaguAu3LrQH-eUAHrNp1qEjzo_3dIJYuGYD5ULywLXfdjXAR_MmXgB76ofICy3NDR2A==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUp8A3PmG7XAHCf2Lk6Ptmy4CxZePqyxrRd59FLYJ72hq24izfG6_UPZqIASyIks-GUK4geaguAu3LrQH-eUAHrNp1qEjzo_3dIJYuGYD5ULywLXfdjXAR_MmXgB76ofICy3NDR2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM3MjQxMjYyLDYxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy50aGVzdGFyLmNvbS8iLG51bGwsW1s4LCIyVlAwa1FhcXd0cyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzI0LCIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
b8ddc3470edc7a111bea28ba1a359f3658287f6ff947a90d204fd823f1dc1f03
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zm5zM3Ypc2YJ9q7PG5JpCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNGQYpD4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxBX_7rK2gzEtqzXWF2BWIibY93TDXvYBH78v2mopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGpgaGimZ2AaX2AAAD0LTMQ"
content-security-policy
script-src 'report-sample' 'nonce-zm5zM3Ypc2YJ9q7PG5JpCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame AE3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29206
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 22:36:29 GMT
expires
Sat, 18 Jan 2025 23:26:29 GMT
last-modified
Mon, 13 Jan 2025 20:43:06 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
973895
x-goog-stored-content-encoding
gzip
expires
Wed, 07 Jan 2026 16:29:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Tue, 07 Jan 2025 16:29:28 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AFiumC6sLXf9sz-u1et87AjkYFzmHJ03Y58N9O9aDQjmqCGBGnGB1jJBIQiqch38LZV1k2wv
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
esp.js
cdn.id5-sync.com/api/1.0/ 		101 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-id-2
hpWDoIQbxEOJprze95TXe/UVm/WGPzwbhu4/RU1z7awCj0utuZN3c/9JM2aEoK0sgaBIuWbK1kw=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
content-encoding
br
cf-cache-status
HIT
etag
W/"5dcd2f7daade69f0b6f0a4fca81bea12"
age
1804
x-amz-request-id
H9575T8DG3V768YB
cf-ray
904234667bccab1c-YYZ
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.109.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-109-182.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-version-id
suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag
"e264379414c85b18fe5fb338ed4823f8"
Age
53725
Connection
keep-alive
Via
1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3117
X-Amz-Cf-Id
IRKj0MS4aoY2Eoojq5yjO81gNIXdOH_aqlkvFMFbF9FIc4jRyPLl-Q==
Date
Sat, 18 Jan 2025 08:05:40 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Dec 2024 19:25:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
x-amz-server-side-encryption
AES256
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-46.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7db46e1255a018ecf02f47b2c19c26c4"
age
56958
via
1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
-7fifcPjnYRbivvnqOkvle-YRO5N9zDQMAgyM5wpdJkrLdG6KxCwZg==
date
Sat, 18 Jan 2025 07:11:44 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
ingest.php
events.newsroom.bi/ 		165 B
906 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
120
date
Sat, 18 Jan 2025 23:01:05 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
main.7d8116bd.js
s.pinimg.com/ct/lib/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.7d8116bd.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb322d9e801b20f445402380d99d144e674abdc4821c6b5d30936c0ecfe381ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
cache-control
max-age=1209600
access-control-expose-headers
X-CDN
content-encoding
br
etag
"b7968e6e7735284fd26091b6f049515c"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
23467
content-type
application/javascript
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
AGSKWxUqxtKIde3GZRRm8TA_3Wqj8dSQp3Z8rRTFOAPm8NZ1JJpph7Xh-XeXaXTzykIYgwroQ98ieP8bzs1mGVlIYN31q-ogbA-VETZdyplBlGpLKI2GG-tPhC8S70mQt3ZBJYp_cB04Dw==
fundingchoicesmessages.google.com/f/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUqxtKIde3GZRRm8TA_3Wqj8dSQp3Z8rRTFOAPm8NZ1JJpph7Xh-XeXaXTzykIYgwroQ98ieP8bzs1mGVlIYN31q-ogbA-VETZdyplBlGpLKI2GG-tPhC8S70mQt3ZBJYp_cB04Dw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM3MjQxMjYyLDE5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnRoZXN0YXIuY29tLyIsbnVsbCxbWzgsIjJWUDBrUWFxd3RzIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMjQsIiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
1a9620560d045a6e882da628f8d12de26a7a701ee004e638bfef2c6d45223077
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tE8GTbDYWWhsRpAKW-yOcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJiCNaQYpD4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxBX_brK2gTEtqzXWF2BWIibY93TDXvYBDpWTSlT0kjKL4xPzs8rKcpMKi3JL0pLTkstTi0qSy2KNzIwMjUwNDTTMzCNLzAAACOoTAw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-tE8GTbDYWWhsRpAKW-yOcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.57.90.113 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-57-90-113.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=34764
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14634
date
Sat, 18 Jan 2025 23:01:02 GMT
last-modified
Mon, 02 Dec 2024 19:22:52 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
/
www.google.com/pagead/1p-user-list/698108511/ 		42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/698108511/?random=1737241261586&cv=11&fst=1737241200000&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867836103za200zb72758733&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&hn=www.googleadservices.com&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&npa=0&pscdl=noapi&auid=971513764.1737241260&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dCFlb-YViB-jH6Hla7N7dehZ0WiurG6sv5i4Jt9KXi9nGoeD5&random=887477926&rmt_tld=0&ipr=y
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Jan 2025 23:01:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/698108511/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/698108511/?random=1737241261586&cv=11&fst=1737241200000&bg=ffffff&guid=ON&async=1&gtm=45be51g0v867836103za200zb72758733&gcd=13l3l3l3l1l1&dma=0&tag_exp=102067555~102067808~102081485~102123607&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thestar.com%2F&hn=www.googleadservices.com&frm=0&tiba=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&npa=0&pscdl=noapi&auid=971513764.1737241260&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dCFlb-YViB-jH6Hla7N7dehZ0WiurG6sv5i4Jt9KXi9nGoeD5&random=887477926&rmt_tld=1&ipr=y
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Jan 2025 23:01:02 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
attribution_trigger
px.ads.linkedin.com/ 		2 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=3116868&time=1737241262324&url=https%3A%2F%2Fwww.thestar.com%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://www.thestar.com/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
00062c03005c145b560b2aa428b7ac65
x-msedge-ref
Ref A: A554CEE3B12E49D29FF97F7F2F106ADA Ref B: YTO01EDGE0708 Ref C: 2025-01-18T23:01:02Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYsAwBcFFtWCyqkKLesZQ==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1737241262324%26li_adsId%3D4aa6c804-2f48-4b66-a97f-b8c17dba4c1d%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DE6B090DF2E54737B7C0031EB524DE25 Ref B: YTO01EDGE0510 Ref C: 2025-01-18T23:01:06Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYsAwCaAXdJIZIJ9/v2LA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Sat, 18 Jan 2025 23:01:06 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
cf-cache-status
DYNAMIC
x-li-fabric
prod-ltx1
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-li-proto
http/3
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 18 Jan 2025 23:01:06 GMT
priority
u=3,i
x-frame-options
sameorigin
strict-transport-security
max-age=31536000
x-li-pop
cf-prod-ltx1-x
content-security-policy
frame-ancestors 'self'
cache-control
no-cache, no-store
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1737241262324&li_adsId=4aa6c804-2f48-4b66-a97f-b8c17dba4c1d&url=https%3A%2F%2Fwww.thestar.com%2F&cookiesTest=true&liSync=true
pragma
no-cache
cf-ray
9042347bdc28ac36-YYZ
x-li-uuid
AAYsAwCVKxBU/yCcWP58nA==
content-length
0
server
cloudflare
13008914.js
bat.bing.com/p/action/ 		363 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/13008914.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 958D84DE78A349B8926D09E596FB42B9 Ref B: YTO01EDGE0708 Ref C: 2025-01-18T23:01:02Z
x-cache
CONFIG_NOCACHE
date
Sat, 18 Jan 2025 23:01:02 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
launchpad.bundle.js
launchpad.privacymanager.io/latest/ 		156 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/93108f94-c2ee-4a3a-a287-26652cd33617/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-69.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
cache-control
must-revalidate,public,max-age=3600
content-encoding
br
x-amz-version-id
y2XbJrWpid16.q8WCP8QY9COtPaM7Zae
etag
W/"21442f2b8d4d10d9b3feb114c12ad42a"
age
3135
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
FVNwm0pNRhB1Ay8fWrOETlKVWErapBtvxxPQXRiMewpCJSywpIJl-Q==
date
Sat, 18 Jan 2025 22:08:50 GMT
content-type
application/x-javascript
last-modified
Thu, 07 Nov 2024 16:41:14 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
x-amz-server-side-encryption
AES256
/
ct.pinterest.com/user/ 		327 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2612846434758&cb=1737241262370&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
665e38f2f4291bdd335da59256b0c6780e77124e88456669051f4ad9eff6a965

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Epik,Pin-Unauth
content-encoding
gzip
x-pinterest-rid-128bit
cbd7200f9336ed450d065de32644dcdd
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=604800
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
application/json; charset=utf-8
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
33
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
pin-unauth
dWlkPU5HUm1OR1V4WVdNdE1qYzRZUzAwWXprMUxUa3pPVFV0TXpsaU1qUTJOakptTURNNQ
pinterest-version
c6d93c90acd322a1dee0b065e0bc57a25fe4715f
access-control-allow-origin
https://www.thestar.com
content-length
190
x-pinterest-rid
9385408025343336
/
ct.pinterest.com/v3/ 		35 B
487 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%227d8116bd%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1737241262374
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.7d8116bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
1
x-pinterest-rid-128bit
7b757a2af7aabe9e8f75a26b660ee1f7
x-cdn
fastly
access-control-allow-credentials
true
referrer-policy
origin
expires
Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version
c6d93c90acd322a1dee0b065e0bc57a25fe4715f
access-control-allow-origin
https://www.thestar.com
alt-svc
h3=":443";ma=604800
content-length
35
date
Sat, 18 Jan 2025 23:01:03 GMT
x-pinterest-rid
1033734710185629
content-type
image/gif
tsub-middleware.bundle.c0f5511a001f780f591f.js
cdn.segment.com/analytics-next/bundles/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id
Vi.Yd9Ms0_IN3OjbGlsA.1p3ArQ5RR1f
age
8720970
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
mBI4rfyraFzb2mOpWj-_A6k_PrARbgpO-rBzy-ewV0su9jeFTOvwWw==
date
Thu, 10 Oct 2024 00:31:33 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 16:14:51 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=36ee6333-0093-4a10-b67a-6c2adf14e9fa&bo=1&sid=16db6ed0d5f011ef8e5db51ba135d03e&vid=16db9bb0d5f011efac90bf885f104286&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&kw=toronto%20star&p=https%3A%2F%2Fwww.thestar.com%2F&r=&lt=3933&evt=pageLoad&sv=1&cdb=ARoV&rn=156550
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3BB9BBA3DEBF4342B37D4704C3043F14 Ref B: YTO01EDGE0708 Ref C: 2025-01-18T23:01:02Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 18 Jan 2025 23:01:02 GMT
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
Eg5lTsnm5ouY8QgrZzKrG2JCC_n4DCoq
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
age
2070720
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
qQ2vVNnFytynmQpMbnfTW50xsvfvazmSRivB0dclcYNeYlwiEF-QdA==
date
Wed, 25 Dec 2024 23:49:03 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Thu, 19 Dec 2024 19:30:59 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
FUzI44GfkUx.2lsKbnE4VmQ.TZ0rhol9
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
age
5291966
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
Yt-BHAXH6TOT7J4UqiZlglbhS4jUGei7GLWmutf74-PCZMRXp7FLTA==
date
Mon, 18 Nov 2024 17:01:37 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Thu, 14 Nov 2024 23:39:24 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 5d840d432727e3561fd1a3de915212ca.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
EWR53-C2
server
AmazonS3
x-amz-server-side-encryption
AES256
auction_end
pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/auction_end
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.40.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-40-149.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://www.thestar.com
access-control-max-age
86400
date
Sat, 18 Jan 2025 23:01:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
auction_end
pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/ 		60 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/4bf40680f5/engagement/trigger/auction_end
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.27.21 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-27-21.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a246d3b32e96e5be9895096c5ea8f5cfae47e44ed5899cd8831be7dcbf4ef4a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
https://www.thestar.com
content-length
60
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
application/json; charset=utf-8
vary
Origin
access-control-allow-credentials
true
p
api.segment.io/v1/ 		21 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-74-168.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.thestar.com
content-length
21
date
Sat, 18 Jan 2025 23:01:06 GMT
content-type
application/json
vary
Origin
bframe
www.google.com/recaptcha/api2/ Frame F1FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=1Bq_oiMBd4XPUhKDwr0YL1Js&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1Bq_oiMBd4XPUhKDwr0YL1Js/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MKDN2pFzNd_MCRi6rNNiig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MKDN2pFzNd_MCRi6rNNiig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1737241262783&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlin...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1737241262783&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headli...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1737241262783&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
18.173.219.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-111.jfk52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

via
1.1 78a5d96d9c348edf8a3fca2ba77f8e64.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
JaMUPXarkCW-m7b0Ymkv3WNjwrLbpK1y4OShG-m-nHgjHW2JHcFIbA==
date
Sat, 18 Jan 2025 23:01:03 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK52-P1

Redirect headers

location
/b2?c1=2&c2=3005674&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1737241262783&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fwww.thestar.com%2F&c8=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&c9=
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 78a5d96d9c348edf8a3fca2ba77f8e64.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
8A0NWe-ruEYE0UsFWqRhcM6y05qowql58lj1ZcM4uY6jnGie-lN-0g==
date
Sat, 18 Jan 2025 23:01:03 GMT
x-amz-cf-pop
JFK52-P1
outbrain
fundingchoicesmessages.google.com/f/AGSKWxW_oxPP3uG78zRsqm-XKfHeQj_xSN55-YS_hbCw_3JgNgF8ANxwT1Y8mLcyiYVV-FnXBxrD1JVI15xJJbvlF7CbeVXDv0rUm3U9ESv8PeYaSQ_oeMzrZ8j4tNj51CtOAmDgyba8EV2so3Vkf8JCn_kuGpG_v... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW_oxPP3uG78zRsqm-XKfHeQj_xSN55-YS_hbCw_3JgNgF8ANxwT1Y8mLcyiYVV-FnXBxrD1JVI15xJJbvlF7CbeVXDv0rUm3U9ESv8PeYaSQ_oeMzrZ8j4tNj51CtOAmDgyba8EV2so3Vkf8JCn_kuGpG_vstqn3hxU5aQTrw-8ECpraZ8MJaYjkmB/_/adv/bottomBanners./ads/outbrain?.adlabs./sr.ads./300x250b.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
98dee1487d483d30fb6eff137cddef164dab516b65d150cf5130b5c0e5aa84e7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-v3m0e0d_uUaUlmuiyFPbhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJicNCQYpD4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxBX_7rK2gzEtqzXWF2BWIibY_3TDXvYBFZcOMWkpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGpgaGimZ2AaX2AAABlXTAQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-v3m0e0d_uUaUlmuiyFPbhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
3b14188ae2ab5e244060596588db0a2e187ea0557a1e801b6de5f96e614eacaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
14452305674246082933
age
3575
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:01:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 22:01:28 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
15114
x-xss-protection
0
server
cafe
AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BJB1jpE7vxu5NSaFDNNF_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoExB_qL7P-AGKGr1dYOYBYiJtj_dMNe9gEHvx9IKLkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA0MDc30DMzjCwwA8pYq_w"
content-security-policy
script-src 'report-sample' 'nonce-BJB1jpE7vxu5NSaFDNNF_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.thestar.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zdGQNe6IAEOLS0dCTU5oqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoExB_qL7P-AGKGr1dYOYBYiJtj_dMNe9gEXmx9Iq_kkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTA0MDc30DMzjCwwA6OEq2A"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zdGQNe6IAEOLS0dCTU5oqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.thestar.com
content-length
0
x-xss-protection
0
server
ESF
increment
id5-sync.com/api/esp/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.thestar.com
date
Sat, 18 Jan 2025 23:01:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BQTVLj-wZejq9DZ7vIONVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj_dMNe9gEFnTtn8Ko5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwNDA3N9AzM4wsMAO1qKrE"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BQTVLj-wZejq9DZ7vIONVQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.thestar.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWhHUrsQDwecY4aUKnFymTzum7RV1w6Gs4DWOvUDz7ONdwk0vWMWsYW2w-AbyPWqYEDu99ZQmMNhAg81ignpv42eLund21g_JxbZRFRwnnf_1mPk-nD1-iaxKqs-b8KYQYFXdhZAw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FZDFGgfeyLpETYrAqLtWbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj_dMNe9gEdsxdeYhRySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkaGBqa6RmYxxcYAAD9Girs"
content-security-policy
script-src 'report-sample' 'nonce-FZDFGgfeyLpETYrAqLtWbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.thestar.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxV1HRPX503hYCs5LbcbJHGa4RfEDY_k2dwV5oEIvSAyxR4-G6kCrL2d4KbWBUS9k32ZKQml7q7qZsZavw-eU7NbvKtEcKbCAeaZngipHFtFCLIfY8-r3jLej-YfM1EfNpSXSuYp-Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV1HRPX503hYCs5LbcbJHGa4RfEDY_k2dwV5oEIvSAyxR4-G6kCrL2d4KbWBUS9k32ZKQml7q7qZsZavw-eU7NbvKtEcKbCAeaZngipHFtFCLIfY8-r3jLej-YfM1EfNpSXSuYp-Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM3MjQxMjYzLDI3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudGhlc3Rhci5jb20vIixudWxsLFtbOCwiMlZQMGtRYXF3dHMiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsyNCwiIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
99bf9ad7ec642dd64dbc36739410459b24b712ccd93119d1939faab70fb18010
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z6L2oSO2EwBlVgowCvGMyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NKQYpD4-pJJDYid0mewBgBx681zrJOB2GjteVYHIE76d561AIgNFS6x2gOxY9ElVk8gVu25xGoMxPfXXWJ9DsQf6i-z_gDiGecvsy4A4iKJK6wNQMzw9QorBxBX_7rK2gzEtqzXWF2BWIiHY_3TDXvYBDrWrp3OqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRqYGhopmdgGl9gAABmy0xF"
content-security-policy
script-src 'report-sample' 'nonce-Z6L2oSO2EwBlVgowCvGMyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxX78Jrv1uxF0AytCTtrQ-aK1bhjSMnepz1AtTPUBgQs96NSK13LtXqlLP0yOdTCfJ1oXoKHlUTDzsG0ew9KbnA2ohYNt2E1nFbzaJXPORGuLncncFfWm4OyAM9p1wJ_3-OmqwR-DQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX78Jrv1uxF0AytCTtrQ-aK1bhjSMnepz1AtTPUBgQs96NSK13LtXqlLP0yOdTCfJ1oXoKHlUTDzsG0ew9KbnA2ohYNt2E1nFbzaJXPORGuLncncFfWm4OyAM9p1wJ_3-OmqwR-DQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.2VP0kQaqwts.es5.O/d=1/rs=AJlcJMx-uDKfz5RVguZ8g7PfzzTocKGHcw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xb5Gw5kfzDmf1tY9f4LVYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.thestar.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIdj_dMNe9gEfryesYNRySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkaGBqa6RmYxxcYAAAivCto"
content-security-policy
script-src 'report-sample' 'nonce-Xb5Gw5kfzDmf1tY9f4LVYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.thestar.com
content-length
0
x-xss-protection
0
server
ESF
websiteconfig
api.btmessage.com/ 		960 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btmessage.com/websiteconfig?bt_env=prod&o=5071905434894336&w=thestar.com&l=EN
Requested by
Host: cdn.btmessage.com
URL: https://cdn.btmessage.com/script/rlink.js?o=5071905434894336&bt_env=prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f478f5bbee9cb45b8e9de4b05b5ac8db4ea8525d7ef237d04fd28560386f83e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"dda128060e36d0e1f8c5fc766e0d1099"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VEo8Oc3DqsSxYX2diVCcNgY0JTtHXga3BhpruqH4R9Nv3PPxik80qZZx53Dgz%2FO7NwEW8xNcHrIFji7ydKeY7TbtA28W2SriOsvdDH6jo84wsUajoDQjDyiPnsMNX8Fu9SQG"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=22455&min_rtt=19000&rtt_var=281&sent=61&recv=53&lost=0&retrans=6&sent_bytes=63479&recv_bytes=2388&delivery_rate=5160&cwnd=257&unsent_bytes=0&cid=4974f6bf5fd9e857&ts=440&x=0"
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
application/json
last-modified
Sat, 18 Jan 2025 22:59:05 GMT
vary
Origin, accept-encoding
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
9042346a7d27a253-YYZ
access-control-allow-origin
*
content-length
461
server
cloudflare
icon.ico
www.thestar.com/content/tncms/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thestar.com/content/tncms/site/icon.ico
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-midwest-1.vip.tn-cloud.net
Software
/
Resource Hash
0db6de4c7acdd82e35b39c6e7d8051759fe5c0ef38be0da452f8fed09fdd3e66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-vcache
HIT
cache-control
public, max-age=43200
etag
"6501d32a-47e"
age
41436
accept-ranges
bytes
content-length
1150
date
Sat, 18 Jan 2025 11:30:27 GMT
last-modified
Wed, 13 Sep 2023 15:20:10 GMT
content-type
image/x-icon
state
api.btmessage.com/mw/ 		0
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btmessage.com/mw/state?bt_env=prod
Requested by
Host: cdn.btmessage.com
URL: https://cdn.btmessage.com/script/rlink.js?o=5071905434894336&bt_env=prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvJo4wY1RHwVcUyLX12VSluvp9hhIYvL6ShcOLPzWrzTq5vApn5ex9fcyoceSocHMZZ9VFX8Hu%2Fa2fXiCohvu7tw1fO2LBBv5QONT93L%2F3KVWmO0b8lrjT%2BflA89nb32%2FnYS"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
9042346b0ddea253-YYZ
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=21110&min_rtt=18359&rtt_var=580&sent=64&recv=57&lost=0&retrans=6&sent_bytes=64590&recv_bytes=2455&delivery_rate=214285&cwnd=257&unsent_bytes=0&cid=4974f6bf5fd9e857&ts=536&x=0"
date
Sat, 18 Jan 2025 23:01:03 GMT
vary
Origin
server
cloudflare
/
invalid/ 		0
0
webfonts43j533.js
cdn.btmessage.com/ 		9 B
683 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.btmessage.com/webfonts43j533.js
Requested by
Host: cdn.btmessage.com
URL: https://cdn.btmessage.com/script/rlink.js?o=5071905434894336&bt_env=prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35afa9efa47ecc126d99ecb0d56b8100fc7c7e986269a057e6affc1cdfeee7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=xM8wXg==, md5=ZFYTTmNc32kMQ/0FYsbamg==
cf-cache-status
HIT
etag
"6456134e635cdf690c43fd0562c6da9a"
age
204268
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWF%2BobZon1lUV1E3yxtESU4RpmJX8ZnW97TEyZ2aU8dJoiFAeyN5Pr7%2Bp7wfyN%2FJFWFlnbR4t3f%2Fa2dDCrxVGFrX65svEhCHedwHvW%2BxvW8gR0GHidUgDpwfNGea16OoCE%2Bw"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 16 Jan 2025 14:23:12 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=20972&min_rtt=18359&rtt_var=597&sent=65&recv=59&lost=0&retrans=6&sent_bytes=65011&recv_bytes=2520&delivery_rate=214285&cwnd=257&unsent_bytes=0&cid=4974f6bf5fd9e857&ts=573&x=0"
x-goog-stored-content-length
9
date
Sat, 18 Jan 2025 23:01:03 GMT
content-type
text/javascript
last-modified
Tue, 06 Aug 2024 16:00:19 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7IuzQpwlLcriJsKZaruCGohOdFHi0abW5bfpfYPWG8GZ7TL-kgSk8l8QqoGuNW-wlc
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
9042346b6e40a253-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1722960019169879
content-length
9
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
984 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: cdn.btmessage.com
URL: https://cdn.btmessage.com/script/rlink.js?o=5071905434894336&bt_env=prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
807160
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4hoISK45xAvaKqT0ke%2BklJHW4KX0PziwKBY8a%2B7HO2nwmyUdpXEBAglS8dPrgllmktQ0Q2IjIF4etv3AR85CFgdYkQ3p9HzsIhdTB7YuGCops2KNYqbSePjtDe5ualXeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 09 Jan 2025 15:33:41 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=20884&min_rtt=20865&rtt_var=4432&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4353&recv_bytes=2257&delivery_rate=188556&cwnd=252&unsent_bytes=0&cid=07a47d5739036c11&ts=33&x=0"
x-goog-stored-content-length
43
date
Sat, 18 Jan 2025 23:01:04 GMT
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
content-type
image/gif
x-guploader-uploadid
AFiumC5HnLgPqWVGJAB-5R_muqbIliFjwU1MOD0DvtShUpRD4gsayjXv7Ug7XMvSXR3wDQmVx2bi9yM
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
9042346d4d80b408-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
ingest.php
events.newsroom.bi/ 		165 B
905 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
120
date
Sat, 18 Jan 2025 23:01:05 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
favicon.ico
ad.doubleclick.net/ 		1 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: cdn.btmessage.com
URL: https://cdn.btmessage.com/script/rlink.js?o=5071905434894336&bt_env=prod
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.6 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
age
862
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 19 Jan 2025 22:46:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 22:46:38 GMT
last-modified
Tue, 08 May 2012 13:08:06 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.26537808412308084
Requested by
Host: cdn.btmessage.com
URL: https://cdn.btmessage.com/script/rlink.js?o=5071905434894336&bt_env=prod
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
807160
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mU2fz5bQopPHQWAqx2%2Bo7vSuk%2BvgVychdxQOyFKEoB5xDP9gXnAFsKUQodkdl6a4OlBx4GUxkHGZt%2Fm1517%2Bxn0wwGLA5pBClHvWgVt4JyqYn0Qf5ofxmZXRKA%2FJR0fU3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 09 Jan 2025 15:33:41 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=20798&min_rtt=20086&rtt_var=2295&sent=9&recv=15&lost=0&retrans=0&sent_bytes=5359&recv_bytes=2364&delivery_rate=188556&cwnd=255&unsent_bytes=0&cid=07a47d5739036c11&ts=79&x=0"
x-goog-stored-content-length
43
date
Sat, 18 Jan 2025 23:01:04 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC5HnLgPqWVGJAB-5R_muqbIliFjwU1MOD0DvtShUpRD4gsayjXv7Ug7XMvSXR3wDQmVx2bi9yM
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
9042346d8dd1b408-YYZ
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
ads
securepubads.g.doubleclick.net/gampad/ 		167 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3632500157045259&correlator=1482239938659982&eid=31086815%2C31089811%2C83321073%2C31089253&output=ldjh&gdfp_req=1&vrg=202501140101&ptt=17&impl=fifs&gdpr=0&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=2x1%2C1x1%2C970x250%2C300x600%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1737241264312&lmt=1737241179&adxs=799%2C800%2C230%2C1055&adys=0%2C0%2C177%2C1212&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.thestar.com%2F&vis=1&psz=1600x-1%7C1600x-1%7C1140x250%7C300x600&msz=1600x-1%7C1600x-1%7C1140x250%7C300x600&fws=516%2C516%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&topics=1&tps=1&htps=10&a3p=EhoKDWNyd2RjbnRybC5uZXQSABj775fdxzJIAA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1737241257528&idt=2771&prev_scp=pos%3Dimpact-top%7Cpos%3D1%7Cpos%3D1%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.45%26hb_adid%3D33db000dd1a4ac5%26hb_bidder%3Dappnexus%7Cpos%3D1%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.15%26hb_adid%3D368bb40b54e3803%26hb_bidder%3Dix&cust_params=browser%3DChrome%26k%3Dtoronto%2520star%26page%3Dhomepage%252Capp-editorial%26environment%3Dprod%26cutpoint%3Dlarge%26section%3Dhomepage%26subsection%3D%26lotame%3D1045779%26lpid%3D2220837bbcd9fc32adc93aa27d6a84a7%26cc-custom-taxonomy%3D&adks=3334131667%2C1024014762%2C2574267985%2C3682374077&frm=20&eoidce=1&gblpids=~~%2F58580620%2Fthestar.com%2Fhomepage%23ad-3489852~%2F58580620%2Fthestar.com%2Fhomepage%23ad-2827005&td=1&egid=61431&tan=9a18b02c-6e01-4eda-9c22-857fe8ef8dbd%2C9a18b02c-6e01-4eda-9c22-857fe8ef8dbe%2C9a18b02c-6e01-4eda-9c22-857fe8ef8dbf%2C9a18b02c-6e01-4eda-9c22-857fe8ef8dc0&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
d20d689e67d7e16e67057d278f9e1f38e416880fa0a9f448a6bd9ba30a999a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
dcb
google-lineitem-id
6395607082,-2,6859631008,6875167138
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 18 Jan 2025 23:01:04 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138445168598,-2,138501312031,138503652766
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.thestar.com
content-length
14660
x-xss-protection
0
server
cafe
container.html
258556d014a647e4706d29aad01cca03.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1706 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://258556d014a647e4706d29aad01cca03.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.193 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jan 2025 23:01:04 GMT
expires
Sat, 18 Jan 2025 23:01:04 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-906OrIR8_3yayDxTLisdaoah3BXfiI2EAVKDJndhew11Q8rA3PG6DZ6ejD0h0wXYYXNxm0lU_T-L2OaCCWxfHKk5zuMY4KzDlZpVKvXC92ZdW0QqG_gwYglKlqcj2oJ9smO5fwlPp5Cv4pGnwFaikjD-GtKyoYIPg5u8ozg8JlXoaPEKHblfbo0F_HPrWZXOFCxgOQHQG6m-OXIJGUEoOOOE1FCDcBDWmguzHGS76FcPPvThp3i6xn_BUrtkMIB_T67sFrYCmY_vzc3iBORRooemu7bNmYpuZmMMUiITYXna6zlAyV5cowgaWmKy6A9xlHS4Ti4kPhNd0WU1NhB2c4Ntjku4OtFnSPXkdfYt8yGE9JdD38HuFlgpB5ShL9OVhcR3vmet8A&sai=AMfl-YQYaB_gguisyAuF7GI9xRyvhAkiW24bxHIXahg_IaqUFgc6lDzeK1ADhf3GIWzkQQwwLf1qm5b1JoRGsoRDzzpxzFDYpGUzfOPJHBQInZSWneeaCsWaevCfQWE&sig=Cg0ArKJSzOKkwzhIAncwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Jan 2025 23:01:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pub.js
s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/ Frame 9C1D 		39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.92.184.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
2594d4b330d2cce12d75540e7535d674155fd072dbf0cd9051124cec391710c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-id-2
MftgYMzt2o+K0tT3ko2Uq4vbVI0f0YvI1UdUrOLzeegIEQrIfxSeXkzNS6su+6aYZuhyRAIxa2s=
ETag
"53a068f8aa462482f065a4a31d34bb2e"
x-amz-request-id
26HBJR2FGZS9SRX6
Accept-Ranges
bytes
Content-Length
40274
Date
Sat, 18 Jan 2025 23:01:09 GMT
Last-Modified
Thu, 12 Dec 2024 16:56:14 GMT
Content-Type
text/javascript
Server
AmazonS3
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9C1D 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e85f321211dd46eaf7f889826ecb61273dd5b452178e5ff80cfc6ac09538b7fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
16822743467033048381
age
1799
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:31:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 22:31:05 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68585
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 0840 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPNgNd6nBKUMyD4ATc99ZK12a8iWEHSGKIj75eVmSdUsbn8f6_AEb7DKND1EOgBhJATAITYXvY1EzX8aw8QFOyUDxryCpTdbDKjiXhFPvtXwdB2dGoedrOlXRbNxxjzOYKLaHHQjQXxfo47HANPNjkM5zxUO3waCTNUxU1KGVLJBTVoIOaZF15BQa_k2XVpQ2Pyf036IsauNm7_zSFwF_hmckD2R7_S6psofP-LxgY7dMO31vmjC97Yf8m1M2DjGRp_uYOQo4-zsUP7nzOd6Ho-blIq8FHtRz5XgjdFQkg6c-i38YFwhyYL7pIuYNcnl9sMobSYEPTk3uW1wHmrKwnL3y3t5dcOWO7bJCLDri1Oswc0uoZJoKrhqBvAWTW7ZHUIIK_IXJmnA4lA8b97gGJ-iW7I4rPA2mthg7FzZHtg3cklfXCjxzI&sai=AMfl-YQfINUAXCb7e-k90D2fVkMYbvH6lMBe9bY471cu9jtEzfiBdp__UDP-81j3OxbjHBOE3fKlQsBDqC354ReRyps_Q0ZkH27J2MZhH1mm2O9uYLIT8NHld4ucQys&sig=Cg0ArKJSzCGeLTWt1TP7EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Jan 2025 23:01:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250114/r20110914/ Frame 0840 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250114/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f1.1e100.net
Software
cafe /
Resource Hash
04581663a590a3b051b88aa91a71c8941e064d62839993b3f47ff8aa1b21017b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
11142831916997917408
age
4007
x-content-type-options
nosniff
expires
Sat, 01 Feb 2025 21:54:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 21:54:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9157
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250114/r20110914/client/ Frame 0840 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250114/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
2300
x-content-type-options
nosniff
expires
Sat, 01 Feb 2025 22:22:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 22:22:45 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0840 		216 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e85f321211dd46eaf7f889826ecb61273dd5b452178e5ff80cfc6ac09538b7fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
16822743467033048381
age
1799
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:31:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 22:31:05 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68585
x-xss-protection
0
server
cafe
12540346542198824780
tpc.googlesyndication.com/simgad/ Frame 0840 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12540346542198824780
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f1.1e100.net
Software
sffe /
Resource Hash
b79c84ddf5270495aedad399a30f1aee0be8dcdf300ad82100b11e5f20794ac1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

age
291107
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Thu, 15 Jan 2026 14:09:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Wed, 15 Jan 2025 14:09:18 GMT
last-modified
Tue, 10 Dec 2024 20:24:46 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
131910
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 0840 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5B93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlmzphoXTxR7Slfec0j6ka9bwgEweK1fyOE5WSKup6p5Xg-nIegUJAypFbEV1u2G_VgGQbxw9GvDTG-9t-ACW3ug0FmJjyN0jYrUYNxH0CZ2tU7clTVTns3hAgakjj9ybAMpqZ-kggKTDrV5n2j-s74ywauJE2iZHHtmEhxySskxPZEtItp3REJiQ-Y6AsZyXpuj_BsshAdf7gGeYD7F4vrbxSgXUfD_MvXjGLrRzW_FnRF3zqdMcD3cmfIB4qsNr9E1CmSvT2ckTGRjwFyA1CncAB9CLLh3fQCGX-crQpNqed8EtCLJfeOp101RavSHLb7XUQoOW-K6yvD89_-F75EseSVKr7uzj5_hEX3nvTc16HNdBiFOD9tJw8f5XX7WjTSPxHUvVsYMffe7vDMyaYD0cc3a0mBuv5-dS9q8qHKK7DyHCaXkv6&sai=AMfl-YSOqGfFtFBXBCcRrnpHPfkAdkoHmuPkEJXZxvcg24I9-SKYo5sJnnD28dUoF3LEybBGwMVtrJ9BeDyCMGi8em64Q5ZQFrojN1WlbGDLk9N2R1Eb0vIawvFPsQs&sig=Cg0ArKJSzOpVkTdoJ0VqEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Jan 2025 23:01:04 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250114/r20110914/ Frame 5B93 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250114/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f1.1e100.net
Software
cafe /
Resource Hash
04581663a590a3b051b88aa91a71c8941e064d62839993b3f47ff8aa1b21017b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
11142831916997917408
age
4007
x-content-type-options
nosniff
expires
Sat, 01 Feb 2025 21:54:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 21:54:18 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9157
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250114/r20110914/client/ Frame 5B93 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250114/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
6567774568227038691
age
2300
x-content-type-options
nosniff
expires
Sat, 01 Feb 2025 22:22:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 22:22:45 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5B93 		216 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
e85f321211dd46eaf7f889826ecb61273dd5b452178e5ff80cfc6ac09538b7fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
br
etag
16822743467033048381
age
1799
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:31:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 18 Jan 2025 22:31:05 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
68585
x-xss-protection
0
server
cafe
17347679614255390894
tpc.googlesyndication.com/simgad/ Frame 5B93 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17347679614255390894
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f1.1e100.net
Software
sffe /
Resource Hash
fead775e27c60b9db2cbaa1304ccf7a7a50f1a334806a9665f0620f2ebe83775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

age
36219
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 18 Jan 2026 12:57:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 18 Jan 2025 12:57:26 GMT
last-modified
Tue, 31 Dec 2024 18:09:01 GMT
content-type
image/jpeg
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
189078
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 5B93 		0
0
truncated
/ Frame 0840 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5a8391f2f237d594be86bd7e8b032216983a3fb1f802f85170266e75112de2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 5B93 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
783aaafbf6c896f4ae5e3018fd8e0f8e2b2663128e569268da6b32f35efa2bac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 18 Jan 2025 23:01:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0840 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 18 Jan 2025 23:01:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 18 Jan 2025 23:01:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0840 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 18 Jan 2025 23:01:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501140101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 0840 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYf5-mNZySnFC-FRCU-FSp_Cb8outxPQUoJOizfALvykhZD9ZcaLCEfFwF5khFa8Q-TTmtTXpTE0nG2-QlfcJ94FWELTb4uIqMdgObza9KwIYyHloYnwRFcrQJodko8R1Vv6FVrkxF24K7cELudPl2QXsiLZcClf5G5gG2z5XYY5O0jNhF2kG1_FW1QcOHgbUNcXeB8nI_s1_0VZnPO6Qpwg1GTFJXs4llOT6GQU-VHo4pjiTqXy5479JFhcuJslDjoTUXtcqvZ8xzy-6befrm_aebgEibD82LE85zNWFNHL7mojBtpSX_5leIzKyBoguKjIKIZqm6nmgvjWCWOj_Zpxzb85DsKWUY6GOZjZ4LGMalg9S0GbND02fa92SPLbmVYf-pVLn3GuAve0N3CUm0M3tApYwg4MU61_qN_FUlt9tLOLzvmSGgbiA&sai=AMfl-YQOOwYXqbDzGtqT6GuuvE7ZuZzugU1FXRomf3VmdO2CPepQqTLCRPDtlsla8KMlQe9zjIITnc6e6gtj6MIzZpvBR0TLSX69lgc8kvlDmw9lhPU3m3xyYHzgtT4&sig=Cg0ArKJSzGhH5AnyMb76EAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:01:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Jan 2025 23:01:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
geo.privacymanager.io/ 		30 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-101.ewr53.r.cloudfront.net
Software
/
Resource Hash
b7f807205142bbe9c42e24df2a3bcdaf29b0027d7a21b7fa9fe816c39d6dc3db

Request headers

Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

x-amz-apigw-id
EmyScEdejoEEe-g=
age
470
x-amzn-trace-id
Root=1-678c30dc-2625a4a01ce23b1465cf9cee;Parent=7dff91ba47b75320;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
a5c4a31f-4b8c-4852-bc85-17204815d26f
via
1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront), 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
30
x-amz-cf-id
WpGwiyaO_abs9xRngyJmoH7u_r1lZrUts_BX-CRYxZedNPxI48h3Pg==
date
Sat, 18 Jan 2025 22:53:16 GMT
content-type
application/json
x-amz-cf-pop
IAD55-P4, EWR53-P1
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
/
geo.privacymanager.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-101.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sat, 18 Jan 2025 23:01:06 GMT
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront), 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
x-amz-apigw-id
Emzb5FnXjoEEklg=
x-amz-cf-id
K-ONxFzPRJYU3wEuZ4O5jx-GjxFpYFEG0ce2I4G36PZNYi8pSWOhfg==
x-amz-cf-pop
JFK50-P6 EWR53-P1
x-amzn-requestid
d07dc605-971b-4297-a4c5-8cde29a72700
x-cache
Miss from cloudfront
beacon
ce.lijit.com/ Frame DD2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13398908
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.175.176.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-176-142.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
1203
content-type
text/html
date
Sat, 18 Jan 2025 23:01:05 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept-Encoding
pd
torontostar-d.openx.net/w/1.0/ Frame 187F
Redirect Chain
  • https://torontostar-d.openx.net/w/1.0/pd
  • https://torontostar-d.openx.net/w/1.0/pd?cc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://torontostar-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
1247
content-type
text/html
date
Sat, 18 Jan 2025 23:01:12 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
178.249.214.139

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
0
content-type
text/plain; charset=utf-8
date
Sat, 18 Jan 2025 23:01:12 GMT
location
https://torontostar-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
178.249.214.139
async_usersync.html
acdn.adnxs.com/dmp/ Frame C905 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38511
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 18 Jan 2025 23:01:07 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 01 Jan 2025 12:18:41 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2320502, 70401
X-Served-By
cache-lga21982-LGA, cache-yyz4528-YYZ
X-Timer
S1737241267.325455,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 0E83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
931
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
9042347c7ad8711d-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Jan 2025 23:01:06 GMT
expires
Sun, 19 Jan 2025 03:01:06 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F826 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=165546
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=57718
content-encoding
gzip
content-length
6694
content-type
text/html
date
Sat, 18 Jan 2025 23:01:09 GMT
expires
Sun, 19 Jan 2025 15:03:07 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5AFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.217.173.107 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-217-173-107.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 18 Jan 2025 23:01:06 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&...
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553&gdpr=0&gdpr_consent=
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
3.87.46.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-87-46-209.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

cache-control
max-age=0,no-cache,no-store
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553&gdpr=0&gdpr_consent=
pragma
no-cache
via
1.1 google
expires
Tue, 11 Oct 1977 12:34:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length
0
date
Sat, 18 Jan 2025 23:01:08 GMT
server
A
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
3.87.46.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-87-46-209.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=
content-length
323
date
Sat, 18 Jan 2025 23:01:08 GMT
server
Kestrel
sync
ssbsync.smartadserver.com/api/ 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 5B93 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuemkghZdHqEcn6WNRbORwQRp6nWNMjHdiR2jGpFOlK-d-a6XYRsdOwODcuCcmHb3fCTR1Dl1XOjhFHyTXuSxpCN-tDvCUjy8Z54lgmDr-GKVV1PxM6V5IgeEHybITIFVTfQToSW0y4w9qyGhNp2gmLacQg0D-5hebqzkXF-S0AfuevgykPdpwFv1dafufMXPP11Gx460Xux9DT8Cje6-jeDZ5Olmdhxkh4RQ6ZMrG8Nl3GLxa33xCOpwJab76-bcUJRIbTzN7D3qnTkN7PK8J-t8N69dUtGjHgz6-IRX8pLP7Ko6VDzg6UGcpAaeBxCaUY6xlCv0_Y4gsDdgcV6GHTWu4JxELfon4MSeigxx11d6CGg6u_RpzdcULZ66kEUM1TkXpBgD0gbVqU8XquDn6Ika1f1B-lXOMJ3b1-XtDb8lriZckCRIhovaM&sai=AMfl-YQY18Ck8IetNetIT2vxY3fclJPDXsqBg67ZqbYRwOrJvxONTV1w7xCPEsHFEZgeLPRezemFqXSF6buVnyrL6f-_cKd-V4wM_Q_v6wCDrvnO2RTyubUii7P-i2s&sig=Cg0ArKJSzECplUwZWlcyEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:01:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Jan 2025 23:01:05 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
rfv.php
events.newsroom.bi/data/ 		27 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/data/rfv.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
content-encoding
gzip
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
42
date
Sat, 18 Jan 2025 23:01:05 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
recirculation.php
events.newsroom.bi/recirculation/ 		12 B
716 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
12
date
Sat, 18 Jan 2025 23:01:06 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
recirculation.php
events.newsroom.bi/recirculation/ 		12 B
716 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
12
date
Sat, 18 Jan 2025 23:01:06 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
recirculation.php
events.newsroom.bi/recirculation/ 		12 B
716 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/recirculation/recirculation.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
12
date
Sat, 18 Jan 2025 23:01:06 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
activeview
pagead2.googlesyndication.com/pcs/ Frame 0840 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucQjCNQFD6038Gq4dJ8hzjM3uTFVWfk0vEKFYZW42g6QUO-m-3SfRS9QpA2W3xwa1iHrid42D7aMp56UY9bbeExkspnEBMBHVAeRl1ulCYL9rjIDoCEF2WbACr5HVxFwBiBP5kzGV2viHnZ5jejAYk-bTlvvZqaPEWJuXiCJ4opgiuGK_UQtblwEM3SsJMOLvcvA&sig=Cg0ArKJSzHY33ndNUdCEEAE&id=lidar2&mcvt=1003&p=177,315,427,1285&tm=1450.2000007629395&tu=447.5&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20250115&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2574267985&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3317406400&rst=1737241264737&rpt=683&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 18 Jan 2025 23:01:06 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ats.js
ats-wrapper.privacymanager.io/ats-modules/5cef6f5c-4c73-4399-81cf-03368db6d14a/ 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats-wrapper.privacymanager.io/ats-modules/5cef6f5c-4c73-4399-81cf-03368db6d14a/ats.js
Requested by
Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.91.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-91-104.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d2884ae34e8dce822c3ee0949aeaca3f6bfedd88348d7c29ce2cab3a9f262e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

vary
accept-encoding
cache-control
must-revalidate,public,max-age=3600
content-encoding
gzip
x-amz-version-id
QCmNEHKKNJvrSUuHH4SeALRiXy6b7mjC
etag
W/"ace42b1e148c2f8948bf26ed15d33432"
age
967
via
1.1 de1b9ae25d558e06a3362166bd9d3342.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
lhfO2fxhKAKyjpjHLSTvl8ieKC16CeFfKprvdZ9vwXy7HeZXV_5IUw==
date
Sat, 18 Jan 2025 22:45:01 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 14:30:56 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P9
x-amz-server-side-encryption
AES256
/
px.ads.linkedin.com/wa/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thestar.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1E07AB4BAFAA40059ABC8E8C8B241305 Ref B: YTO01EDGE0510 Ref C: 2025-01-18T23:01:06Z
x-li-fabric
prod-ltx1
access-control-allow-credentials
true
x-li-uuid
AAYsAwCbbQDreEpj3Gcudw==
x-li-proto
http/2
access-control-allow-origin
https://www.thestar.com
x-cache
CONFIG_NOCACHE
date
Sat, 18 Jan 2025 23:01:07 GMT
vary
Origin
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.153.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-153-142.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.thestar.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sat, 18 Jan 2025 23:01:07 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.153.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-153-142.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.thestar.com/

Response headers

date
Sat, 18 Jan 2025 23:01:07 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
5028
config.aps.amazon-adsystem.com/configs/ 		531 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/5028
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-56.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b206fa21311d004bf5e85a9738291729a149639b46e2314554974f2576d1ba22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=3600
age
1144
via
1.1 cf498d1eb1eabcd3ba17659086fa3f86.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
sKlk3NImMdou4ufCUdc643ngnI0x1fy5NTYKEcHTWPnfUvnseEIKaw==
date
Sat, 18 Jan 2025 22:42:04 GMT
content-type
application/javascript
x-amz-cf-pop
JFK50-P3
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		706 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
89fca6632a242cec71747b561ec72831e28fd40b32d5c7224ea9e930920abbaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
6251
access-control-allow-credentials
true
via
1.1 d33ed2107293e32734a96656b820e092.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.thestar.com
x-cache
Hit from cloudfront
content-length
706
x-amz-cf-id
r78iOaRe6tQTRUeGSrN4NXFDhZXxsUy_CZ1tYEsObw8mC-LPH01FjA==
date
Sat, 18 Jan 2025 21:16:56 GMT
content-type
application/json;charset=UTF-8
x-amz-cf-pop
JFK50-P3
server
Server
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F&pid=541oTVIlqwNnV&cb=0&ws=1600x1200&v=25.114.1705&t=2000&slots=%5B%7B%22sd%22%3A%22ad-2827002%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-3426075%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-3489852%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2827005%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=35a8542a-4802-4e3a-b2bf-1fe8859994b8&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.93.221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-93-221.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 1b875a3a250909f255b3e40ca099587a.cloudfront.net (CloudFront)
access-control-allow-origin
https://www.thestar.com
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
bN_kmgW59lWG-hOj1XqBMH_MrRpTq_MvpxYrRNeQQ-H1s0VVNd3XvQ==
date
Sat, 18 Jan 2025 23:01:08 GMT
content-type
text/javascript;charset=UTF-8
x-amz-cf-pop
JFK52-P9
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.112.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-112-90.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
28636
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
1iMK8FFpzTFOE2a7BKd38STvcOYnMZ7qO5bvhBL_h448VHVW4iFtnQ==
date
Sat, 18 Jan 2025 15:03:56 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 153c5cd2b3e635613d0a2fa0f107993a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
/
geo.privacymanager.io/ 		30 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/5cef6f5c-4c73-4399-81cf-03368db6d14a/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-101.ewr53.r.cloudfront.net
Software
/
Resource Hash
b7f807205142bbe9c42e24df2a3bcdaf29b0027d7a21b7fa9fe816c39d6dc3db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

x-amz-apigw-id
EmyScEdejoEEe-g=
age
472
x-amzn-trace-id
Root=1-678c30dc-2625a4a01ce23b1465cf9cee;Parent=7dff91ba47b75320;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid
a5c4a31f-4b8c-4852-bc85-17204815d26f
via
1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront), 1.1 b8d8693cc4ac05b6a9cebe2651a2c8b8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
30
x-amz-cf-id
3yk3JvaiC8oJv-1N6SNVMlA2yZ_Lzds4eMvYxEQ6YlnfAMpsfrchNg==
date
Sat, 18 Jan 2025 22:53:16 GMT
content-type
application/json
x-amz-cf-pop
IAD55-P4, EWR53-P1
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
placements
mia-placement-server.rubiconproject.com/ Frame 9C1D 		983 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/placements?location=https%3A%2F%2Fwww.thestar.com%2F&publisherId=62019&size=xl
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.49.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-49-136.compute-1.amazonaws.com
Software
/
Resource Hash
72a5e785dcde8c98b9959340965fdabd55d736b7ae6df7f66363ce75b20d7203

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
983
date
Sat, 18 Jan 2025 23:01:08 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 18 Jan 2025 23:01:08 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 9C1D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08cc958275047af1fecd48d2b4bcf141128cc5ac87d7b2c891170b541c5fb2a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvE2tKWuKJq5HNGlq2AsIIC6-6odSX8JOlOwTphddQM7wUC7Aq-rhfLBI7RJ5_aetfd4jXx77DjXnieHPqK-L7gajiDz8X1lGk1SoSMuevnu82Ird8vJRUUThakcMDHkaJbgQbM1Zx7x0uHGREVWL5b2Hl5A5P-97-SPARSgE5G70aVEs2CJGstFcf6QhirXlGdYhhGDbVpckmtUc892kOkHpvBGmC4aJisya-UzWvo1-lKBbudtnB2jQsn2HBu1-wk7VeCtVTU6vUxHIRZUVHZ1JdKBykI8ap02kYkSuZTMMMRXzKoMwNT4iAsVq7xoSb_08RN1tPz7UH3LEp5iaDeblHNUJqp30JbgP7C7-a0GNL56xu2xaI1lO-cg-X8r7z06J1C4h9p1m-D&sai=AMfl-YRyJavvM-qTvFVKryfvd13cxfgC3XUqdUEH6NENOfU05gp5Kwbm8TsoJIuE6iNZGUPMsQxiEckboq5Or-LG42KfyGIBKjh9pNtZhH3Q__jJ1rtGMXEkBQqdQdo&sig=Cg0ArKJSzO_F4tDEChM9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 23:01:08 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 18 Jan 2025 23:01:08 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 18 Jan 2025 23:01:08 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jsonp
sync.springserve.com/usersync/ Frame 9C1D 		61 B
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.springserve.com/usersync/jsonp?callback=callback
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.26.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-26-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fcd001829961436ce02f62f8a16cdfc1f4443074f6d8af8718c259458207d347

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
https://www.thestar.com
content-length
61
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
application/javascript
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
ssusersync
tv.springserve.com/ Frame 9C1D 		7 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tv.springserve.com/ssusersync?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.152.31 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-152-31.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ee55b08ce119ab6d654b4dddebb87cda0f831cf2b29fcd3dcbb54d00300a458

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
https://www.thestar.com
content-length
7240
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
application/javascript
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=45je51g0v887944298z8887101457za200zb9101115636&_p=1737241259646&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=102067555~102067808~102081485~102123607&cid=1196127677.1737241261&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1737241260&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&_s=2&tfd=13046
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c&gtm=45He51g0v9101115636za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
text/plain
server
Golfe2
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je51g0v887101457za200zb861227858&_p=1737241259646&gcd=13l3l3l3l1l1&npa=0&dma=0&tcfd=10000&tag_exp=102067555~102067808~102081485~102123608&cid=1196127677.1737241261&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&dl=https%3A%2F%2Fwww.thestar.com%2F&sid=1737241261&sct=1&seg=0&_s=2&tfd=13075
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He51g0v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.thestar.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.thestar.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
text/plain
server
Golfe2
14048
rtb.gumgum.com/usync/ Frame 87D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.107.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-107-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length
552
content-type
text/html
date
Sat, 18 Jan 2025 23:01:10 GMT
server
nginx
usermatch
ssum.casalemedia.com/ Frame 2126
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=191709&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%...
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=&s=191709&us...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=&s=191709&us_privacy=&C=1
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
904234919c34ac25-YYZ
content-encoding
br
content-type
text/html
date
Sat, 18 Jan 2025 23:01:10 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jtYSSO%2FQreicFJsShKSbiUgFnKo9p5UJ4f8gwhveWpAibwHf6VJ5lC5KRypNcuO4xmgULfeG1qhsL0tV0ozbZ4XcLql%2BuYVTzyGAFLwWw3kaqVI9uGXUZhW0yKOS%2BjrEEawD0nJ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
904234912b9cac25-YYZ
content-length
0
date
Sat, 18 Jan 2025 23:01:09 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=0&gdpr_consent=&s=191709&us_privacy=&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLgkvHR4hbLGRsoaFuAUKnNvfMS5r2N22yWPxibHwXyt4%2BpO0zObyta6vKsvxTwlPEfs%2FpO4wmoOFQDnPZg8Kaf3k4CpcMyRQ1VlUBU8owILOqrNctWDa2%2FPTGP47l8Iv5TqBCrD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4B4B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-57-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.thestar.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=57718
content-encoding
gzip
content-length
6694
content-type
text/html
date
Sat, 18 Jan 2025 23:01:09 GMT
expires
Sun, 19 Jan 2025 15:03:07 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
vid-io-pdx.springserve.com/ Frame 9C1D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=&us_privacy=&uuid=5032042615911074898
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=&us_privacy=&uuid=5032042615911074898
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.209.49.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-49-24.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:10 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
no-store, no-cache, private
location
https://vid-io-pdx.springserve.com/usersync?aid=1000001&gdpr=0&gdpr_consent=&us_privacy=&uuid=5032042615911074898
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
178.249.214.139; 178.249.214.139; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
01565c4c-207e-458c-9d4e-913f3a20f2aa
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 18 Jan 2025 23:01:09 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
syncb
sync.bfmio.com/ Frame 9C1D 		0
0
um
cs.emxdgt.com/ Frame 9C1D 		0
0
sync
pixel.advertising.com/ups/58185/ Frame 9C1D 		0
0
usersync
vid-io-pdx.springserve.com/ Frame 9C1D
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7B...
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D&us_pr...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=&us_privacy=&uuid=6a6ffed8-630e-42ad-be81-8e3073a7954c
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=&us_privacy=&uuid=6a6ffed8-630e-42ad-be81-8e3073a7954c
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.209.49.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-49-24.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:10 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
private, max-age=0, no-cache, must-revalidate
location
https://vid-io-pdx.springserve.com/usersync?aid=1000008&gdpr=0&gdpr_consent=&us_privacy=&uuid=6a6ffed8-630e-42ad-be81-8e3073a7954c
pragma
no-cache
x-forwarded-for
178.249.214.139
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 18 Jan 2025 23:01:09 GMT
vary
Origin
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 9C1D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DP...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=157310&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DP...
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
0
0
usersync
vid-io-pdx.springserve.com/ Frame 9C1D
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=0&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=&us_privacy=&uuid=jHIcZyFqInUA&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=0
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=&us_privacy=&uuid=jHIcZyFqInUA&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=0
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.209.49.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-49-24.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:10 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://vid-io-pdx.springserve.com/usersync?aid=1000011&gdpr=0&gdpr_consent=&us_privacy=&uuid=jHIcZyFqInUA&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=0
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-fbbfc694b-2mx58
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-CA
server
Jetty(11.0.24)
rmphb
sync.1rx.io/usersync2/ Frame 9C1D 		0
0
usersync
vid-io-pdx.springserve.com/ Frame 9C1D
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BU...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=&us_privacy=&uuid=b0c214e4-3a9a-4cb3-bd86-311d57168408
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=&us_privacy=&uuid=b0c214e4-3a9a-4cb3-bd86-311d57168408
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.209.49.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-49-24.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:15 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
no-cache, no-store, private
location
https://vid-io-pdx.springserve.com/usersync?aid=1000013&gdpr=0&gdpr_consent=&us_privacy=&uuid=b0c214e4-3a9a-4cb3-bd86-311d57168408
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Sat, 18 Jan 2025 23:01:15 GMT
tcn
Choice
content-type
text/plain; charset=utf8
vary
negotiate,Accept-Encoding
server
sonobi-go
x-go-server
go-iad-2-5-74
x-xss-protection
0
pubsync
pbs.publishers.tremorhub.com/ Frame 9C1D 		0
0
usersync
vid-io-pdx.springserve.com/ Frame 9C1D
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://vid-io-pdx.springserve.com/usersync?aid=1000016&gdpr=0&gdpr_consent=&us_privacy=&uuid=590067679440313043950
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000016&gdpr=0&gdpr_consent=&us_privacy=&uuid=590067679440313043950
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.209.49.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-49-24.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:14 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://vid-io-pdx.springserve.com/usersync?aid=1000016&gdpr=0&gdpr_consent=&us_privacy=&uuid=590067679440313043950
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Sat, 18 Jan 2025 23:01:14 GMT
pbsync
ads.yieldmo.com/ Frame 9C1D 		0
0
usersync
sync.springserve.com/ Frame 9C1D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=52&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000018%26gdpr%3D0%26gdpr_consent%3D%...
  • https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=8980255714392532380
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=8980255714392532380
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
54.87.26.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-26-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

date
Sat, 18 Jan 2025 23:01:09 GMT
location
https://sync.springserve.com/usersync?aid=1000018&gdpr=0&gdpr_consent=&uuid=8980255714392532380
content-length
0
usersync
sync.springserve.com/ Frame 9C1D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58800/sync?redir=true&gpp=&gpp_sid=&gdpr=0&gdpr_consent=
  • https://sync.springserve.com/usersync?aid=1000019&uuid=y-pYORLolE2uKD0mer_SXPLxmNq2krNQZ5~A&gdpr_in_effect=0
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000019&uuid=y-pYORLolE2uKD0mer_SXPLxmNq2krNQZ5~A&gdpr_in_effect=0
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
54.87.26.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-26-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

strict-transport-security
max-age=31536000
location
https://sync.springserve.com/usersync?aid=1000019&uuid=y-pYORLolE2uKD0mer_SXPLxmNq2krNQZ5~A&gdpr_in_effect=0
age
0
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
text/html
server
ATS
sync
sync.sxp.smartclip.net/ Frame 9C1D 		0
0
v1
match.sharethrough.com/universal/ Frame 9C1D 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.87.46.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-87-46-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
0
sync
x.bidswitch.net/ Frame 9C1D 		0
0
usersync
vid-io-pdx.springserve.com/ Frame 9C1D
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D__STROEER_US...
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22144&cburl=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000023%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D__STROEER_US...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=&us_privacy=&uuid=bff1f85eb7bf42ba8b14758855a3e627
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=&us_privacy=&uuid=bff1f85eb7bf42ba8b14758855a3e627
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.209.49.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-49-24.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:11 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

date
Sat, 18 Jan 2025 23:01:11 GMT
location
https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=&us_privacy=&uuid=bff1f85eb7bf42ba8b14758855a3e627, https://vid-io-pdx.springserve.com/usersync?aid=1000023&gdpr=0&gdpr_consent=&us_privacy=&uuid=bff1f85eb7bf42ba8b14758855a3e627
content-length
0
um
sync.teads.tv/ Frame 9C1D 		0
0
token
pixel.rubiconproject.com/ Frame 9C1D 		0
0
usersync
vid-io-pdx.springserve.com/ Frame 9C1D
Redirect Chain
  • https://cs.media.net/cksync?cs=60&type=ss&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000026%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%...
  • https://vid-io-pdx.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=&us_privacy=&uuid=3802428701783552000V10
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-pdx.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=&us_privacy=&uuid=3802428701783552000V10
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
34.209.49.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-209-49-24.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:10 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Location
https://vid-io-pdx.springserve.com/usersync?aid=1000026&gdpr=0&gdpr_consent=&us_privacy=&uuid=3802428701783552000V10
Pragma
no-cache
Connection
keep-alive
Expires
Sat, 18 Jan 2025 23:01:10 GMT
x-mnet-hl2
E
Content-Length
154
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Date
Sat, 18 Jan 2025 23:01:10 GMT
Content-Type
text/html
Server
Apache
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame 9C1D 		0
0
user-matching
ads.stickyadstv.com/ Frame 9C1D 		0
0
pbs.gif
sync.admanmedia.com/ Frame 9C1D 		0
0
usersync
sync.springserve.com/ Frame 9C1D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=0kkyw3l&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: www.thestar.com
URL: https://www.thestar.com/
Protocol
H2
Server
54.87.26.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-26-61.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 18 Jan 2025 23:01:09 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000030&ttd_puid=&uuid=6043b12d-ea24-4e89-b931-9525f9c428ba&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
content-length
325
date
Sat, 18 Jan 2025 23:01:09 GMT
server
Kestrel
hbs_cs
y.one.impact-ad.jp/ Frame 9C1D 		0
0
eligible_by_element
mia-placement-server.rubiconproject.com/tracking/62019/395/ Frame 9C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/tracking/62019/395/eligible_by_element
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.49.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-49-136.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

date
Sat, 18 Jan 2025 23:01:09 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
ingest.php
events.newsroom.bi/ 		2 B
779 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
2
date
Sat, 18 Jan 2025 23:01:10 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
excluded_by_insertion
mia-placement-server.rubiconproject.com/tracking/62019/395/ Frame 9C1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mia-placement-server.rubiconproject.com/tracking/62019/395/excluded_by_insertion
Requested by
Host: s3.us-west-2.amazonaws.com
URL: https://s3.us-west-2.amazonaws.com/application-mia-player-prod.rubiconproject.com/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.49.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-49-136.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.thestar.com/

Response headers

date
Sat, 18 Jan 2025 23:01:11 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
ingest.php
events.newsroom.bi/ 		2 B
780 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
2
date
Sat, 18 Jan 2025 23:01:15 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
ingest.php
events.newsroom.bi/ 		2 B
779 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=7469
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
57.129.37.204 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
haproxy03.cl15.ovh.mrf.io
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://www.thestar.com/

Response headers

access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.thestar.com
content-length
2
date
Sat, 18 Jan 2025 23:01:15 GMT
content-type
application/json
server
istio-envoy
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
thestar.solutions.cdn.optable.co
URL
https://thestar.solutions.cdn.optable.co/public-assets/thestar-sdk.js
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=14334
Domain
id.crwdcntrl.net
URL
https://id.crwdcntrl.net/id?c=17837
Domain
ads.rubiconproject.com
URL
https://ads.rubiconproject.com/floors/18488-pbjs-floors.json
Domain
s.thestar.com
URL
https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=42527643719482158294202782626635338057&ts=1737241261912
Domain
invalid
URL
chrome-extension://invalid/
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzGeYT0h5N36-g5Mjx0sZY2prjQiqvl1wAI_peBcoNcGzD1XU2dy19AiC0q1qVqabB4XcTTb_09J7tUBVCgMa3_1KR6Q
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRW-xJbhahemU4zJGf3J6p1fAnE5x2_RkBsN7BMcWb0_j5xyHiyVmAbNR7LPNxmDb8Z-GmEYOdUfUC9-cj8NJvJrT_b9A
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=47&gdpr=0&gdpr_consent=
Domain
sync.bfmio.com
URL
https://sync.bfmio.com/syncb?pid=111&gdpr=0&gdpr_consent=&us_privacy=
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/58185/sync?&gdpr=0&gdpr_consent=&us_privacy=&redir=true
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmphb?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D
Domain
pbs.publishers.tremorhub.com
URL
https://pbs.publishers.tremorhub.com/pubsync?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Domain
sync.sxp.smartclip.net
URL
https://sync.sxp.smartclip.net/sync?type=red&dsp=116&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
Domain
sync.teads.tv
URL
https://sync.teads.tv/um?gdpr=0&gdpr_consent=&ssb_provider_id=1&uid&fb=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000024%26us_privacy%3D%26uuid%3D%5BVID%5D
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=52948&gdpr=0&gdpr_consent=&us_privacy=&rk=pdx
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?consentString=&r=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000027%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BPDID%5D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=3691&_fw_gdpr=0&_fw_gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000028%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26uuid%3D%7Bviewerid%7D
Domain
sync.admanmedia.com
URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000029%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Domain
y.one.impact-ad.jp
URL
https://y.one.impact-ad.jp/hbs_cs?redirectUri=https%3A%2F%2Fvid-io-pdx.springserve.com%2Fusersync%3Faid%3D1000031%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID

Verdicts & Comments Add Verdict or Comment

579 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| dataLayer function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset function| WTEvent object| WT function| setAxateCookie function| updateAxateCookie function| checkAxateCookie function| axateUserHasAccessToContent function| agateUserLoggedIn function| agateUserLoggedOut function| axateUserOnFreePeriod function| beforeReactToTransactionType function| reactToTransactionType function| afterReactToTransactionType function| axateInPageNoticeLoaded function| axatePaidTransaction function| axateBonusReadTransaction function| axateFreePeriodTransaction function| axateAlreadyReadTransaction function| axatePayNow function| axateSetChargeAutomaticallyFromNow function| agateInit function| axateCheckViewport function| axateRefreshInstoryAds object| apstag number| PREBID_TIMEOUT object| pbjs boolean| a9Enabled function| sendAdServerRequest function| biddersBack function| magnite_refreshBid function| pbjs_logAllBids function| pbjs_logWinningBids number| browserWidth string| cutpoint function| loadGAM object| googletag object| gptAdSlots object| promo_design_config function| initStarLogo object| optable object| lotame_17837 function| receiveMessage object| offerData object| userStatus object| logSWGSubscriptionCheckoutStarted object| logSWGSubscriptionOrderCompleted object| userState object| SWG function| initDomLoadedHandler string| environment object| authorListJSON string| authorProfileName object| adobeTokens object| grecaptcha function| initGenericLogin function| genericLoginHandler function| handleSaveAsset function| Sizzle object| __bt object| __bt_intrnl object| __bt_tag_d function| TNStats_Tracker object| TNTracker object| ___grecaptcha_cfg string| __recaptcha_api boolean| __google_recaptcha_client string| salt function| csrfDatetime function| newsletterHashData function| handleUserLogout2841699 function| handleUserLogin2841699 function| handleUserLogout2841705 function| handleUserLogin2841705 object| allowedServicesTier1 function| handleUserLogout2841702 function| handleUserLogin2841702 function| getAbsoluteHeight function| stick_in_parent object| ggeac object| google_tag_data object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals number| p object| SUBSCRIPTIONS boolean| __bt_already_invoked object| __bt_tag_am boolean| __bt_rlink_loaded_from_tag object| google_tag_manager function| lotameIsCompatible function| lt17837_ba function| lt17837_b function| lt17837_ea object| lt17837_e function| lt17837_fa function| lt17837_g function| lt17837_ha object| lt17837_ object| lt17837_ma object| lt17837_na object| lt17837_p object| lt17837_Ma object| lt17837_6 function| lt17837_aa function| lt17837_a function| lt17837_d function| lt17837_f function| lt17837_h function| lt17837_ga function| lt17837_ia function| lt17837_i function| lt17837_ja function| lt17837_j function| lt17837_k function| lt17837_l function| lt17837_m function| lt17837_n function| lt17837_ka function| lt17837_la function| lt17837_o function| lt17837_q function| lt17837_s function| lt17837_t function| lt17837_u function| lt17837_v function| lt17837_w function| lt17837_ra function| lt17837_oa function| lt17837_pa function| lt17837_x function| lt17837_qa function| lt17837_y function| lt17837_z function| lt17837_B function| lt17837_C function| lt17837_r function| lt17837_D function| lt17837_E function| lt17837_sa function| lt17837_ta function| lt17837_ua function| lt17837_F function| lt17837_va function| lt17837_wa function| lt17837_G function| lt17837_H function| lt17837_xa function| lt17837_I function| lt17837_J function| lt17837_K function| lt17837_ya function| lt17837_za function| lt17837_M function| lt17837_Aa function| lt17837_N function| lt17837_L function| lt17837_Ba function| lt17837_Ca function| lt17837_Da function| lt17837_Ea function| lt17837_Fa function| lt17837_O function| lt17837_Ga function| lt17837_Ha function| lt17837_Ia function| lt17837_Ja function| lt17837_Ka function| lt17837_La function| lt17837_P function| lt17837_Na function| lt17837_Oa function| lt17837_Pa function| lt17837_Qa function| lt17837_Ra function| lt17837_Sa function| lt17837_Ta function| lt17837_Ua function| lt17837_Va function| lt17837_Wa function| lt17837_Xa function| lt17837_Ya function| lt17837_Q function| lt17837_R function| lt17837_Za function| lt17837_S function| lt17837_T function| lt17837__a function| lt17837_0a function| lt17837_1a function| lt17837_U function| lt17837_V function| lt17837_W function| lt17837_X function| lt17837_5a function| lt17837_2a function| lt17837_6a function| lt17837_4a function| lt17837_3a function| lt17837_Y function| lt17837_8a function| lt17837_9a function| lt17837_7a function| lt17837_$a function| lt17837__ function| lt17837_cb function| lt17837_eb function| lt17837_db function| lt17837_gb function| lt17837_bb function| lt17837_ab function| lt17837_Z function| lt17837_fb function| lt17837_2 function| lt17837_ib function| lt17837_kb function| lt17837_0 function| lt17837_jb function| lt17837_3 function| lt17837_1 function| lt17837_hb function| lt17837_lb function| lt17837_mb function| lt17837_qb function| lt17837_nb function| lt17837_ob function| lt17837_pb function| lt17837_rb function| lt17837_tb function| lt17837_sb function| lt17837_ub function| lt17837_vb function| lt17837_wb function| lt17837_xb function| lt17837_4 function| lt17837_5 function| lt17837_yb function| lt17837_zb function| lt17837_Ab function| lt17837_Bb function| lt17837_Cb function| lt17837_Db function| lt17837_Eb function| lt17837_Fb function| lt17837_Gb function| lt17837_Hb function| lt17837_7 function| lt17837_Kb function| lt17837_Lb function| lt17837_Jb function| lt17837_Ib function| lt17837_Nb function| lt17837_Mb function| lt17837_Pb function| lt17837_Ob function| lt17837_Qb function| lt17837_Rb function| lt17837_Sb function| lt17837_Tb function| lt17837_Ub function| lt17837_Vb function| lt17837_Xb function| lt17837__b function| lt17837_Zb function| lt17837_Wb function| lt17837_2b function| lt17837_Yb function| lt17837_0b function| lt17837_4b function| lt17837_3b function| lt17837_5b function| lt17837_1b function| lt17837_6b function| lt17837_7b function| lt17837_8b function| lt17837_8 function| lt17837_9b function| lt17837_$b function| lt17837_ac function| lt17837_bc function| lt17837_cc function| lt17837_9 function| lt17837_dc function| lt17837_ec function| lt17837_fc function| lt17837_gc function| lt17837_hc function| lt17837_ic function| lt17837_jc function| lt17837_$ function| lt17837_kc function| lt17837_nc function| lt17837_mc function| lt17837_oc function| lt17837_lc object| AMP object| google_reactive_ads_global_state object| vfQ object| _satellite boolean| __satelliteLoaded object| extensionGoogleDataLayer object| adobe function| Visitor object| s_c_il number| s_c_in number| marfeelAccount string| currentURL object| marfeel object| default_gsi object| _F_toggles object| google object| closure_lm_490288 object| carbonAnalytics function| _uuidv4 function| buildUserSyncUrl object| vfConfig object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| promoNS function| executeFunctionByName function| onCaptchaVerified3376713 function| onCaptchaVerifiedCallback boolean| promo_design_shown object| adobeOverlayTokens function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s string| keyLinkTrackVars object| webVitals object| analytics object| gaGlobal object| recaptcha number| x object| closure_lm_992488 function| fbq function| _fbq function| twq function| rdt string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| uetq function| pintrk object| DataLayer object| pageLoadTimestamp object| GooglebQhCsO object| regeneratorRuntime object| twttr function| redditNormalizeEmail object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| _comscore object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| OWQ5ZWM4NmRjNTBkYzJlM2xvYWRlcl9qcw== string| OWQ5ZWM4NmRjNTBkYzJlM2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 boolean| _already_called_lintrk function| UET function| UET_init function| UET_push object| ueto_dfa2f66618 object| launchPad object| launchPadConfiguration object| nodeScript function| __launchpad object| elelist string| sUserId object| COMSCORE object| ns_p boolean| b31a978d-6e42-418d-9667-2f1b2b77dad6 object| __id5_finalization_registry number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| ox_esp object| ___RMCMPW object| cti126773 boolean| __bt_rlink_already_invoked object| __uid2SecureSignalProvider object| __uid2 number| google_unique_id object| ORIBILI object| _aps boolean| apstagLOADED object| apscustom function| clearImmediate function| setImmediate object| atsdetectionmodule object| atsenvelopemodule object| ats boolean| envelopeModuleReady object| _MiaAds object| miaConfig object| adobeAlertsBanner

176 Cookies

Domain/Path Name / Value
.pixel.thestar.com/events/78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf Name: cee
Value: %2FWU3ESBh5EQbBwR9XtNd34xtZsA2zmfEeslrJL7Zt1c%3D.%7B%7D
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGVEItcJeVaFngD5UphJYx_H3zCSPCeL09DoF8T3NI_mjzjTPifbWeBvegR0juUeaWWTk_o3KvrwHNN40n03d90
ots.webtrends-optimize.com/ots Name: JSESSIONID
Value: AF63D0CEF73A7630E604AACA6C92FDE4
.thestar.com/ Name: pbjs_sharedId
Value: b6580d56-790e-48e5-a84a-5cbf8532a4ad
.thestar.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
www.thestar.com/ Name: _lr_retry_request
Value: true
www.thestar.com/ Name: _lr_env_src_ats
Value: false
.thestar.com/ Name: _gcl_au
Value: 1.1.971513764.1737241260
.thestar.com/ Name: _vfa
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.e0ca42b6-4b63-4959-8e22-99c0cd5edecb.1737241260.1737241260.1737241260.1
.thestar.com/ Name: _vfz
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.1737241260.1.medium=direct|source=|sharer_uuid=|terms=
.thestar.com/ Name: _vfb
Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.2.10.1737241260....
.ccgateway.net/ Name: ccuid
Value: a009893d-7acf-46a0-a350-814b7fe0755d
.thestar.com/ Name: tncms_csrf_token
Value: 6ef9aa2974b12b9d2782542aec2e823d24400ae7de53044047e63e71b3342658.3eedcc8181bcf79c6fb1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 2220837bbcd9fc32adc93aa27d6a84a7
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQMDIyMrAwNk9KSk6xTEs2NkpMSbY0Tkw0Mk8xS7QwSTRnAIL0HqM1DHDAfe7oIWbGtd2MDP8ZGRmW%2FymEs2%2BcesQG51xC5jx58VEXzjm8eA4LnLNr3VNuOOf%2BunZTOOc8srLJJ9Th7F8bpyAkANRPPIA%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBI7zFawwADjAz8X4WBNAAowQLq"
.thestar.com/ Name: local_ga
Value: GA1.1.1196127677.1737241261
.thestar.com/ Name: _cc_id
Value: 2220837bbcd9fc32adc93aa27d6a84a7
.thestar.com/ Name: _cc_cc
Value: ACZ4nGNQMDIyMrAwNk9KSk6xTEs2NkpMSbY0Tkw0Mk8xS7QwSTRnAIL0HqM1DHDAfe7oIWbGtd2MDP8ZGRmW%2FymEs2%2BcesQG51xC5jx58VEXzjm8eA4LnLNr3VNuOOf%2BunZTOOc8srLJJ9Th7F8bpyAkANRPPIA%3D
.thestar.com/ Name: _cc_aud
Value: ABR4nGNgYGBI7zFawwADjAz8X4WBNAAowQLq
.thestar.com/ Name: panoramaId_expiry
Value: 1737327660814
.thestar.com/ Name: _ga_6FZFMVVWVN
Value: GS1.1.1737241261.1.0.1737241261.60.0.0
.thestar.com/ Name: _ga
Value: GA1.1.1196127677.1737241261
.doubleclick.net/ Name: IDE
Value: AHWqTUlY5__nAvNB5LFBqna3F3yEoO92vq8wfQlna11UVfaHTwMb9qRhBBpqQAFL
www.thestar.com/ Name: ccuid
Value: a009893d-7acf-46a0-a350-814b7fe0755d
.doubleclick.net/ Name: ar_debug
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBK0yjGcCEDGge9fi-n9thIxA3GJfbesFEgEBAQGEjWeWZyXaxyMA_eMAAA&S=AQAAAixncPnWYIZxzbR4RNHPru8
.thestar.com/ Name: connectId
Value: %7B%22puid%22%3A%2269c11e2cf17f26cb3867cdfef7560105f74b509cbb1bfd6ee422a8c4eb398b15%22%2C%22vmuid%22%3A%22H7vndgxT6qYYKx2ZItI67mziA4kyKE3L8FgCLi7PGXv1_w9aBcOeSCjX52X_YrjktOes9_T5uYEQ0U5i8DR53A%22%2C%22connectid%22%3A%22H7vndgxT6qYYKx2ZItI67mziA4kyKE3L8FgCLi7PGXv1_w9aBcOeSCjX52X_YrjktOes9_T5uYEQ0U5i8DR53A%22%2C%22connectId%22%3A%22H7vndgxT6qYYKx2ZItI67mziA4kyKE3L8FgCLi7PGXv1_w9aBcOeSCjX52X_YrjktOes9_T5uYEQ0U5i8DR53A%22%2C%22ttl%22%3A86400000%2C%22lastSynced%22%3A1737241261652%2C%22lastUsed%22%3A1737241261652%7D
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.thestar.com/ Name: _rdt_uuid
Value: 1737241261824.2c87268c-0e1a-4c5e-a12e-3c85f730a24d
.lijit.com/ Name: ljt_reader
Value: KBllABZHHYfOwdTZQx-JMxM1
.adnxs.com/ Name: XANDR_PANID
Value: _X35p8OCg8mvykD38YY5IhdPv1ujjPUc8x05b2RpgqmSN5_7VX0d_wdrAucv_jnD5RTjHpipjiEpnNHqqjNIPunN-M1FE29qoOQQsSqjwC4.
.adnxs.com/ Name: icu
Value: ChgIw7JKEAoYASABKAEwreWwvAY4AUABSAEQreWwvAYYAA..
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 5032042615911074898
.demdex.net/ Name: demdex
Value: 42541773480856299834205884727343254339
.thestar.com/ Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.thestar.com/ Name: _fbp
Value: fb.1.1737241261974.882626428957987266
.rubiconproject.com/ Name: khaos
Value: M62SLCJF-H-I3U0
.thestar.com/ Name: _wt.mode-2547823
Value: WT3CvEbweusGnQ~
.thestar.com/ Name: _wt.user-2547823
Value: WT37mfeKkIRM-UNLAY-JfhUW2Nkb0bLnz9rdmGTVEH_W9GG7ydkEF82dSuOetVMFg-VI3x1fXR4Gbf6qgHFyy6k7bzxZ42A-zYJjkK7wIld1IQ~
.thestar.com/ Name: ___nrbic
Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1737241262%2C%22currentVisitStarted%22%3A1737241262%2C%22sessionId%22%3A%22861fee0c-0327-4f26-8a3a-9d14180be0eb%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.thestar.com/%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3Anull%7D
.thestar.com/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1737241262%2C%22userId%22%3A%228d08d85a-b28d-4e4e-974a-f8b5850031a5%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1737241262%2C%22timesVisited%22%3A1%7D
.thestar.com/ Name: compass_uid
Value: 8d08d85a-b28d-4e4e-974a-f8b5850031a5
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.thestar.com/ Name: _uetsid
Value: 16db6ed0d5f011ef8e5db51ba135d03e
.thestar.com/ Name: _uetvid
Value: 16db9bb0d5f011efac90bf885f104286
.twitter.com/ Name: guest_id_marketing
Value: v1%3A173724126240261118
.twitter.com/ Name: guest_id_ads
Value: v1%3A173724126240261118
.twitter.com/ Name: personalization_id
Value: "v1_5Xn+AP6A/dIb/qy/M+Xmsg=="
.twitter.com/ Name: guest_id
Value: v1%3A173724126240261118
.bing.com/ Name: MUID
Value: 26FE1F850002604405200AFD01A861EC
.bat.bing.com/ Name: MR
Value: 0
.sharethrough.com/ Name: stx_user_id
Value: 8d7c771a-6c3c-43ba-b3b2-d827785e4151
.thestar.com/ Name: ajs_anonymous_id
Value: 64c92df4-0ffe-4020-9903-c5e303676a04
.t.co/ Name: muc_ads
Value: dea720ec-8134-400e-a681-af7f16c75d6b
.t.co/ Name: __cf_bm
Value: EF6CMJUvjoR1KnKMVnHFckomc1fsYNGD0i0.evSRzAU-1737241262-1.0.1.1-faGA4yfKFkIBk8dHrxYcKSna763sIENwUiO2wCdNF2Exm35eurs5vjWPWle6g2qTrqG9htG_EybmOfwCQkDIpA
.scorecardresearch.com/ Name: UID
Value: 1726023c0b81567229a6d651737241263
.scorecardresearch.com/ Name: XID
Value: 1726023c0b81567229a6d651737241263
.dpm.demdex.net/ Name: dpm
Value: 42541773480856299834205884727343254339
.thestar.com/ Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg
Value: 179643557%7CMCIDTS%7C20107%7CMCMID%7C42527643719482158294202782626635338057%7CMCAAMLH-1737846061%7C7%7CMCAAMB-1737846061%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1737248461s%7CNONE%7CMCSYNCSOP%7C411-20114%7CvVersion%7C5.5.0
.thestar.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8dxELRHAWWccdDdLckKR9lQokMsKBQtHSj5tZMdckAKg0ShXATUYaJxIwr8GmsDMAVjly6ZBhZyMSBfdAdRtJfUwXM3nNCzTqO5TZmH9Xwx-9JtF4zsgYmKLU-6XEtQZrQLTBKo5_sw5IAz9tHbI_3erHp6g%3D%3D%22%5D%5D
.pinterest.com/ Name: ar_debug
Value: 1
.thestar.com/ Name: _pin_unauth
Value: dWlkPU5HUm1OR1V4WVdNdE1qYzRZUzAwWXprMUxUa3pPVFV0TXpsaU1qUTJOakptTURNNQ
.thestar.com/ Name: __gads
Value: ID=076342539c770858:T=1737241264:RT=1737241264:S=ALNI_MZTu4RG3bs22SWoiLxk8nxGuqT1Vg
.thestar.com/ Name: __gpi
Value: UID=00000fcfc92eeb9d:T=1737241264:RT=1737241264:S=ALNI_Mb7oSoVKG6u3wpiqTrZB2VQPUB5fA
.thestar.com/ Name: __eoi
Value: ID=60ad876419665fd5:T=1737241264:RT=1737241264:S=AA-AfjYo2_3oo47p8YpGMqMDSJ_y
.thestar.com/ Name: local_ga_B4CQN4KW3R
Value: GS1.1.1737241260.1.0.1737241264.56.0.0
.thestar.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1737241261.1.0.1737241264.57.0.0
.ml314.com/ Name: pi
Value: 3649936991747309577
.lijit.com/ Name: ljtrtbexp
Value: eJxlkDsSgEAIQ%2B%2BytQX%2Fj1dzvLvjuA2xfIFA4Fqd6%2BTUMqcKP5ZMZPoJOoVkbIgpmGJDwYTPkGVBL3fvUKmSsRXwMONa2FoEKRrqkKoM2IFhvoBf9hFSZi97TZaEI8df7weq502u
events.newsroom.bi/ Name: 7469_u
Value: 8d08d85a-b28d-4e4e-974a-f8b5850031a5
events.newsroom.bi/ Name: 7469_lv
Value: null
events.newsroom.bi/ Name: 7469_ut
Value: 0
.linkedin.com/ Name: li_sugr
Value: 0fbf9cad-c8b1-425a-b52c-06bf097b1a43
.linkedin.com/ Name: bcookie
Value: "v=2&77593c28-3ce9-4ad7-8cf3-8d0ae5a2e5e5"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2952:u=1:x=1:i=1737241266:t=1737327666:v=2:sig=AQHd0I-246DdzlSHjPSTKIa0LKO1dUt_"
.linkedin.com/ Name: UserMatchHistory
Value: AQJvJbrlQa1nKAAAAZR7pghagF-mDG9Bba3kYoyb1rRuBACvZykDFuzJkMx-so0afcyZaanF_HDp6w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQL_NbovZkZwhwAAAZR7pgha7dwxzZhVgWnM9h-hWrubUXYvf28liU4eipQbmC83Up2GQCeXo4OjSfR5BbnKwA
.lijit.com/ Name: _ljtrtb_97
Value: OPTOUT
.www.linkedin.com/ Name: bscookie
Value: "v=1&202501182301067c315309-bbee-4358-82a4-c5bdb07925d7AQELXf40l9W7o-i6RVs3_6xH5NZO5wOX"
.linkedin.com/ Name: __cf_bm
Value: JyJ7CTBGee2a1Mm8jrlnDmzJ6dXyq3gpGRI2tQZ7y9k-1737241266-1.0.1.1-WvHHkHn0nmFCTofplGDbvsafi4MmYvtkjN4SQ1YGmwt7ktMkNJjBk5Dt02JS816tqGvPwqsmGcxay8zW28RmRg
.lijit.com/ Name: _ljtrtb_76
Value: a04886ac-b1c4-42e1-b3d1-5c89c3a8de0d
.eyeota.net/ Name: mako_uid
Value: 1947ba60d4e-31570000010a5c52
.eyeota.net/ Name: SERVERID
Value: 23634~DM
.amazon-adsystem.com/ Name: ad-id
Value: A7jcYmvPV06nl5w6M9L-GhA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.thestar.com/ Name: _lr_geo_location_state
Value: ON
www.thestar.com/ Name: _lr_geo_location
Value: CA
.adsrvr.org/ Name: TDID
Value: 6043b12d-ea24-4e89-b931-9525f9c428ba
.sitescout.com/ Name: ssi
Value: 189451b2-0e8b-46d0-aa61-68c3b17e5429#1737241268675
.springserve.com/ Name: ssid
Value: 7570ed31-c078-4087-8c7b-a72b03967aef
.springserve.com/ Name: sst
Value: 1737241269086
.rubiconproject.com/ Name: khaos_p
Value: M62SLCJF-H-I3U0
.contextweb.com/ Name: V
Value: jHIcZyFqInUA
.contextweb.com/ Name: VP
Value: part_jHIcZyFqInUA
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 7f6f8c08de373b4a
.lijit.com/ Name: _ljtrtb_49
Value: jHIcZyFqInUA
.tapad.com/ Name: TapAd_TS
Value: 1737241269517
.tapad.com/ Name: TapAd_DID
Value: ffae82bb-2262-4007-81a9-bde7816856fe
.analytics.yahoo.com/ Name: IDSYNC
Value: 19dc~2n1b
.casalemedia.com/ Name: CMID
Value: Z4wytUt3uWoAABwSAC9M8wAA
.casalemedia.com/ Name: CMPS
Value: 149
.casalemedia.com/ Name: CMPRO
Value: 149
.smartadserver.com/ Name: pid
Value: 1370011675235313136
.media.net/ Name: visitor-id
Value: 3802428701783552000V10
.lijit.com/ Name: _ljtrtb_106
Value: 1370011675235313136
.ipredictive.com/ Name: cu
Value: b15dd26f-d3f8-4a5c-8c93-5574acffdb23|1737241270461
.lijit.com/ Name: _ljtrtb_16
Value: 189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553
.creativecdn.com/ Name: g
Value: 6JKpKo9EfFZph8HXQXBf_1737241270521
.creativecdn.com/ Name: ts
Value: 1737241270
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: _ljtrtb_86
Value: _LKQEBvJ5kJPujl3nHeRIbc6Z9TjWIjffWDU1Q8r5g8
.lijit.com/ Name: _ljtrtb_80
Value: M62SLCJF-H-I3U0
events.newsroom.bi/ Name: 7469_s
Value: 861fee0c-0327-4f26-8a3a-9d14180be0eb
.adscale.de/ Name: uu
Value: bff1f85eb7bf42ba8b14758855a3e627
.krushmedia.com/ Name: krm_usr
Value: 860590ac-cc87-5f7c-9ad7-dbc9ef8f289c
.krushmedia.com/ Name: krm_r
Value: 572:1738450870376
.lijit.com/ Name: _ljtrtb_102
Value: 860590ac-cc87-5f7c-9ad7-dbc9ef8f289c
.lijit.com/ Name: _ljtrtb_27
Value: 6043b12d-ea24-4e89-b931-9525f9c428ba
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2BB11988-F7EF-45F9-A690-078D926904C3
.lijit.com/ Name: _ljtrtb_71
Value: 2BB11988-F7EF-45F9-A690-078D926904C3
.tribalfusion.com/ Name: ANON_ID
Value: aOnoeUSyZaRWRT8vtRLV6EufSUfMGuWIFoqbWm99h
.lijit.com/ Name: _ljtrtb_43
Value: RdW0m0DQ7sBe1bmeStehykuBuZpeg7vMEtPHnZmN
.rlcdn.com/ Name: rlas3
Value: pw//r9/nslQnIQdSzV9J+xWHgJjNqkNJaQq1HorfXdg=
.rlcdn.com/ Name: pxrc
Value: CLjlsLwGEgUI6EcQAA==
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: elne1quepktj10vdogshxj5d
.pippio.com/ Name: did
Value: MDgkwuQUq9kAKtV2
.pippio.com/ Name: didts
Value: 1737241272
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 92893688718513048
.quantserve.com/ Name: mc
Value: 678c32b8-76059-27ac4-b6cb6
.quantserve.com/ Name: sp
Value: CggIiQ0SAxCzDg==
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-_LKQEBvJ5kJPujl3nHeRIbc6Z9TjWIjffWDU1Q8r5g8&KRTB&23047-_LKQEBvJ5kJPujl3nHeRIbc6Z9TjWIjffWDU1Q8r5g8&KRTB&23234-_LKQEBvJ5kJPujl3nHeRIbc6Z9TjWIjffWDU1Q8r5g8&KRTB&23361-_LKQEBvJ5kJPujl3nHeRIbc6Z9TjWIjffWDU1Q8r5g8
.bidr.io/ Name: bito
Value: AAN1yk7PGGUAABbcffW3Gw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: DPSync4
Value: 1737244800%3A248%7C1737763200%3A252_164%7C1738368000%3A219_226_197_228_245
.openx.net/ Name: i
Value: 48d54146-9eb9-4d00-8204-2adf6eb67e63|1737241272
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1vz6|86L.0.1|7dN.0.AAN1yk7PGGUAABbcffW3Gw|7dW.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1vz6|86L.0.1|7dN.0.AAN1yk7PGGUAABbcffW3Gw|7dW.0.1
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-b15dd26f-d3f8-4a5c-8c93-5574acffdb23&KRTB&23011-b15dd26f-d3f8-4a5c-8c93-5574acffdb23&KRTB&23355-b15dd26f-d3f8-4a5c-8c93-5574acffdb23
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-92893688718513048&KRTB&23231-92893688718513048&KRTB&23263-92893688718513048&KRTB&23481-92893688718513048
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-6043b12d-ea24-4e89-b931-9525f9c428ba&KRTB&22918-6043b12d-ea24-4e89-b931-9525f9c428ba&KRTB&22926-6043b12d-ea24-4e89-b931-9525f9c428ba&KRTB&23031-6043b12d-ea24-4e89-b931-9525f9c428ba
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-7d2f7955-6125-4309-9661-6c6ff15f7533&KRTB&23340-7d2f7955-6125-4309-9661-6c6ff15f7533&KRTB&23498-7d2f7955-6125-4309-9661-6c6ff15f7533
.openx.net/ Name: pd
Value: v2|1737241273|f8uYbwg2hEiKgakWvMgy
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTczNzI0MTI3MjM1NSwiNDgiOjE3MzcyNDEyNzAwODMsIjM5IjoxNzM3MjQxMjcwMDgzLCIxNyI6MTczNzI0MTI3MzE0OCwiNyI6MTczNzI0MTI3MDA4MywiNDEiOjE3MzcyNDEyNjg3MjB9
.resetdigital.co/ Name: ckbk
Value: 000001732653610F
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!455
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsIwvmV7MCH3D0QBRIXCghwdWJtYXRpYxILCKjSjZXBh9w9EAUYASACKAIyCwi2yJDC14fcPRAFOAFaCHB1Ym1hdGljYAI.
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: zzadrwkrujvb3xe5h02uymjw
.ib.mookie1.com/ Name: ibkukiuno
Value: s=6e176532-ba8c-45e8-a23b-d34e4fbde380&h=&v=0&l=-8584643656116463822&op=&hl=0&vlu=0&tcs=1&dcc=-8584643656116463822
.ib.mookie1.com/ Name: ibkukinet
Value: 3002717835=-8584643656116463822
.3lift.com/ Name: tluidp
Value: 590067679440313043950
.3lift.com/ Name: tluid
Value: 590067679440313043950
.rubiconproject.com/ Name: audit_p
Value: 1|bRmm4TjRDjL56RHeZITZbTHseSUtPQemyL3NQ9A6E7rq9jaCYANA/hickQpB7UJX6oZYVbYkk43gcRgjl6EitYiVfsnCaNoHsqlSNZOaaDQ=
.rubiconproject.com/ Name: audit
Value: 1|bRmm4TjRDjL56RHeZITZbTHseSUtPQemyL3NQ9A6E7rq9jaCYANA/hickQpB7UJX6oZYVbYkk43gcRgjl6EitYiVfsnCaNoHsqlSNZOaaDQ=
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAwS463nB-7A1gy5e843ijo&KRTB&16514-CAESEAwS463nB-7A1gy5e843ijo&KRTB&23025-CAESEAwS463nB-7A1gy5e843ijo&KRTB&23386-CAESEAwS463nB-7A1gy5e843ijo
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-k8l_lZbMJc6IyXHGkMdqxJKfJMKInHGVx8h_peCq&KRTB&22979-k8l_lZbMJc6IyXHGkMdqxJKfJMKInHGVx8h_peCq&KRTB&23462-k8l_lZbMJc6IyXHGkMdqxJKfJMKInHGVx8h_peCq&KRTB&23661-k8l_lZbMJc6IyXHGkMdqxJKfJMKInHGVx8h_peCq
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553&KRTB&23418-189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553&KRTB&23634-189451b2-0e8b-46d0-aa61-68c3b17e5429-678c32b4-5553
.pubmatic.com/ Name: PugT
Value: 1737241274
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB4
Value: 1738022400%3A63%7C1737590400%3A216%7C1738368000%3A250_55_104_178_214_22_201_233_165_46_234_81_166_8_3_220_267_96_240_7_56_5_266_13_231_264_71_249_54_48_176_21_99%7C1738454400%3A268_35%7C1737763200%3A223_15_2%7C1739750400%3A224
.pubmatic.com/ Name: ipc
Value: 157310^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D157310%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.springserve.com%252Fusersync%253Faid%253D1000010%2526uuid%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT^2^0
.pubmatic.com/ Name: pi
Value: 157310:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.lijit.com/ Name: ljtrtb
Value: eJwdUMtOw0AM%2FJecsWTv0%2BZGaKOmvFraqlIvKLvZgAqteBUJIf4dB%2Flijz2esX8qQlOdVxzQC3YZcuYIfogZpOsj9ClLGXgwLLk6qyjoLLE4T8kAFk7gQo%2FQdYEgcLaJYvHOCISolUkOvPdWmU6UuZ%2B1effdvLXHzYViJioW0CnL9FA648AVFkhiCcQbP0h2hlM3KuO%2FtI2IRCF6Y70ljaA9Rm3dBLO6vpw3MIPWblDhSAqbuiYSZmjitAHnG4GLIAgYeSJGM3c52pPRyt1ifbdZjwtHrYfrq%2BW0%2Fpr75%2FnitH%2Bxx1m5b1MOO1nvt%2B1%2BGLaTDS353T%2FyeJ9Vyn2%2FxQNOlvGjLpQOZfVZnr6fT%2FVp91oe49fN9HMxO%2B4Ot6O5UaJDxxz064my3m4KQbI9gc%2F6bttxX7Cvfv8ATXxqzg%3D%3D
.lijit.com/ Name: _ljtrtb_84
Value: c:36c20efb263f2a66ed7c93ff916cd287
.go.sonobi.com/ Name: __uis
Value: b0c214e4-3a9a-4cb3-bd86-311d57168408
.go.sonobi.com/ Name: HAPLB8G
Value: s8574|Z4wyv
.pubmatic.com/ Name: SPugT
Value: 1737241275
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-000001732653610F&KRTB&23175-000001732653610F

3 Console Messages

Source Level URL
Text
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: https://pixel.advertising.com/ups/58185/sync?&gdpr=0&gdpr_consent=&us_privacy=&redir=true
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.sharethrough.com/universal/v1?supply_id=BGApXMcE
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14475035.fls.doubleclick.net
258556d014a647e4706d29aad01cca03.safeframe.googlesyndication.com
aax.amazon-adsystem.com
accounts.google.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ads.yieldmo.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
ap.lijit.com
api.btloader.com
api.btmessage.com
api.rlcdn.com
api.segment.io
api.viafoura.co
ats-wrapper.privacymanager.io
bat.bing.com
bcp.crwdcntrl.net
bh.contextweb.com
bloximages.chicago2.vip.townnews.com
bt.dns-finder.com
btloader.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.webtrends-optimize.com
cdn.ampproject.org
cdn.btmessage.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.segment.com
cdn.viafoura.net
ce.lijit.com
cm.everesttech.net
config.aps.amazon-adsystem.com
connect.facebook.net
cs.emxdgt.com
cs.media.net
ct.pinterest.com
data-sales.ccgateway.net
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
events.newsroom.bi
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.viafoura.co
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
ih.adscale.de
invalid
js-sec.indexww.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mia-placement-server.rubiconproject.com
micro.rubiconproject.com
news.google.com
oa.openxcdn.net
ots.webtrends-optimize.com
pagead2.googlesyndication.com
pb-ing.ccgateway.net
pb-rtd.ccgateway.net
pbs.publishers.tremorhub.com
pixel-config.reddit.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.rubiconproject.com
pixel.thestar.com
prebid-a.rubiconproject.com
privacy-location-edge.ccgateway.net
px.ads.linkedin.com
resources.thestar.com
rtb.gumgum.com
rtb.openx.net
s.pinimg.com
s.thestar.com
s3.us-west-2.amazonaws.com
sb.scorecardresearch.com
sdk.mrf.io
securepubads.g.doubleclick.net
snap.licdn.com
ssbsync.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.1rx.io
sync.admanmedia.com
sync.bfmio.com
sync.go.sonobi.com
sync.richaudience.com
sync.springserve.com
sync.sxp.smartclip.net
sync.teads.tv
t.co
tag.rmp.rakuten.com
tags.crwdcntrl.net
td.doubleclick.net
thestar.solutions.cdn.optable.co
torontostar-d.openx.net
torontostarnewspaperslimited.demdex.net
tpc.googlesyndication.com
tv.springserve.com
unpkg.com
ups.analytics.yahoo.com
vid-io-pdx.springserve.com
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
y.one.impact-ad.jp
ads.rubiconproject.com
ads.stickyadstv.com
ads.yieldmo.com
api.rlcdn.com
cs.emxdgt.com
id.crwdcntrl.net
invalid
match.adsby.bidtheatre.com
pbs.publishers.tremorhub.com
pixel.advertising.com
pixel.rubiconproject.com
s.thestar.com
ssbsync.smartadserver.com
sync.1rx.io
sync.admanmedia.com
sync.bfmio.com
sync.richaudience.com
sync.sxp.smartclip.net
sync.teads.tv
thestar.solutions.cdn.optable.co
www.google.com
x.bidswitch.net
y.one.impact-ad.jp
104.16.132.24
104.17.248.203
104.18.25.18
104.18.26.193
104.21.50.90
104.21.96.1
104.22.52.86
104.244.42.67
104.26.2.70
104.26.6.141
107.23.101.61
107.23.22.141
108.138.106.56
108.138.112.90
108.138.128.124
108.138.128.46
13.107.246.40
13.107.42.14
13.226.38.199
13.249.91.104
13.249.93.221
13.35.93.44
130.211.23.194
141.95.98.64
142.250.176.206
142.250.65.193
142.250.65.206
142.250.65.232
142.250.72.106
142.250.72.98
142.250.80.4
142.250.81.227
142.251.179.155
142.251.32.98
142.251.35.166
142.251.40.131
142.251.40.142
142.251.40.226
142.251.40.97
142.251.40.99
142.251.41.2
142.251.41.6
150.171.27.10
151.101.128.84
151.101.129.140
151.101.193.108
151.101.193.229
151.101.44.157
151.101.65.140
157.240.241.35
162.159.140.229
172.217.165.129
172.64.146.215
172.67.41.60
18.164.109.182
18.164.116.69
18.173.219.111
18.204.107.182
18.209.41.108
18.212.140.196
18.214.33.68
192.104.182.109
207.65.37.179
23.105.12.158
23.201.191.176
23.205.72.21
23.217.173.107
23.51.57.13
23.56.163.34
23.57.90.113
3.168.102.4
3.168.102.52
3.218.49.136
3.223.61.24
3.66.150.175
3.87.46.209
34.102.146.192
34.102.147.248
34.209.49.24
34.223.74.168
34.36.216.150
35.173.157.167
35.186.253.211
35.244.159.8
40.70.4.53
44.206.254.236
44.218.102.57
44.235.40.149
52.223.22.214
52.223.40.198
52.85.61.101
52.92.184.16
54.149.27.21
54.175.176.142
54.191.152.31
54.84.153.142
54.84.241.218
54.87.26.61
57.129.37.204
57.144.180.128
64.233.180.84
68.67.179.153
69.147.82.61
69.166.1.66
69.173.146.10
74.214.194.131
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
04581663a590a3b051b88aa91a71c8941e064d62839993b3f47ff8aa1b21017b
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0769bd4bb8f36e4ffe4397f1db959f327d872aa3ebec7b662c9deae2f4d391f2
08bddb345fbb206ae18737b85957ce6fde0275e100c9ac8b9a0c270c57878cc3
08cc958275047af1fecd48d2b4bcf141128cc5ac87d7b2c891170b541c5fb2a1
08dd90a980405bc559f3df814a8bbec46f32f0deb9289e2c72ea156d8528fab6
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
0db6de4c7acdd82e35b39c6e7d8051759fe5c0ef38be0da452f8fed09fdd3e66
0f28f8ef3c65ede1c3171b6e44188fca93e15b53d362d0bbb9a22c93d3f73fdd
0f6bc74a3fbcaddd22ce0a79035243b6558c7348ed3c82866810d9d947dc566d
10e1056fe1235ef6cdb31e22fc2cdc7de7db3e7f51437a426018e276d3edcc07
1131cb5ddea5c1f63e3a2dd6fcd792a7b524b83792f05a22ca9dbf853f8fb5ec
122163280d6bba187ca367865d7a62aae924cb003b13127057de19d92eb53aee
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
16f5ba4827c52a2ce5405e01a79fd2ffe3dbcd01305c955072b12c0bc62c826b
1760bc8697f26b7a8aea15f17a62fea2554c94ab2fbea48ae3b44affe8e4f364
190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7
1a9620560d045a6e882da628f8d12de26a7a701ee004e638bfef2c6d45223077
1acbc8079d6671190c9379224c2c98817a15f067a7cd037d654ce33597929d1d
1addf4c1b62b1bc6e4b9eea07f1eeaf3cca74166a3737b78dda844ef141c0d44
1c55d9b826e8dfa994370e306ae8dc2e849f3e003381dc848a0b95f782c0c0e3
1ebc1e62c024fc610ffd18df157488dfa4321fc8db7222d9db66e92e1afe7b7b
240a7b1d38c6ed1e9778fda561ad0b940988854a86971f5e80cbc637642dc545
2594d4b330d2cce12d75540e7535d674155fd072dbf0cd9051124cec391710c7
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
27e1cdf16748e5b2097585da88f0a2bdc0cab42db58862789bc8293405ba853d
28cfad2dc8117f83a905851a4d80e43210a89cab2d4bd18a32e8e999ba0c1df3
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
29896fec740d6d70a1aac6e2769dc76de4bebc52ac27b9977610d68300e14057
2ffbd4bbedceb57c0099e3028f3c265f6912df1cd0c591ed131ea23a5d28e32e
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
35f99ca63d206cd890629b5cac0a22859915fd89ed2effd533ff30bfe64d37cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3926bdd1b4d5a60dad7e1b0402a6c24b4a0f252f661ed6b16cfe86a4b48a1b58
3b14188ae2ab5e244060596588db0a2e187ea0557a1e801b6de5f96e614eacaa
3d2884ae34e8dce822c3ee0949aeaca3f6bfedd88348d7c29ce2cab3a9f262e2
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457e85861044e6c6ed188aee506092571f5ba71759bbc1de4340ece02b69194e
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79
46811578437caf8eac61ac10112c43b46ede17063b29ac96b866c7027b6fd1d2
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4922a8859b315c354c23ad278e35483c6cf29aebf1c509c2c928c1f41634fe43
4a0a604180cac33aa88c7e3995c570bd2f63b860b74c3f6c795fb3e7a41a8d08
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4c77debead0875fb2f990d8799a5649e9d17d9d1d04f93ec2a782c06a6b94661
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5015eef77cec273e4f41253e8c940a51967fcc24b9f32123ca9d54aa8af2705b
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
51e62bc02cd5fca4b743c497a1b1b06096f90407e772e6acf00d6e0ec60970ad
523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
54368aa22482b41807f2c84651331995adf09c2963f675e8c3efe0f8f0bd57a9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
55c6983606eae184b6c555ec5ed37a79f5038a478645e778921e618d74ed7f1c
55c944f240f93b8462ded897b5046c8c53df06167c6fd8af1a99ba1bb57fec36
565f07e2f1e69f69195c5bf95d5668bb110a38683ae051202b3a6db87b7ed516
5719fa7516053f4eaafac95cef801f464b9ba4136c35b8f7e4fa2c45fe3fdf29
57c6c8ef16f19b7a2e015a857f3f43bc4997fb5044f8dd62644329ba4a8420dc
583e5e1ebb1591083586c7dd106ec0c6798320ba1c4b36962734cfcf195834f8
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
597cf1adbafca51f41aedfbdc509c2e15e81382778e096b1398c66cda6865f2d
5cde2b88166202ca02bb7edb492dc4b4873134bf0d524245240458b8ec058823
5ee55b08ce119ab6d654b4dddebb87cda0f831cf2b29fcd3dcbb54d00300a458
5f478f5bbee9cb45b8e9de4b05b5ac8db4ea8525d7ef237d04fd28560386f83e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60e592c027c5614d4585de2092e7e245a67b8fb24319525e8049135e718910d2
63c8a71e02dad8f567226247d5694840937f61e94ddb0c49288e8e68873c6097
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
64d8a8893022dc8710d7405d4428ffa913dc9baab39c95661eacdfafd596da1c
665e38f2f4291bdd335da59256b0c6780e77124e88456669051f4ad9eff6a965
677cc0495698cb89f48ae26875ef08920755bbc101a6798f7daa7bfbcfd5cb79
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
6889e33f0a93ee80afb0ff3456bdbb5c65da93e9ab1a7950317553e9008c93ca
6992ca8fd9b3c2c4380b25aa27485fdb777261e0faa02853634660dab37c3a4d
6c8976166ffd559fcb18da875ed7ec6a1fd1ab48f3afbc808bc555503ca81856
6f8687d925bb6647a6657ab7ee4e3bc5b7008db6ac0222883f324b03021cba9b
71435db14d43897c1bd2effcfdc3629687f2d9efab98f5745f3ef9eec0e9ed38
71da9274a22ca23f73eca12863338b843338c9dbef2e0583fd198cfc6578eb05
72a5e785dcde8c98b9959340965fdabd55d736b7ae6df7f66363ce75b20d7203
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7575018ef3568d7e0911862a8ff4e51589897133a1ecb53517ae9221389f0960
770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621
783aaafbf6c896f4ae5e3018fd8e0f8e2b2663128e569268da6b32f35efa2bac
786b02488bab372487274f7f85a9e21d2c23275104bbfa811f9958208d22858a
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7a763b1639866a667823fe1023625402e89864de240577166582f4f1d9578ace
7e75b62929644e2ad00bb6a69ef43ae7c6688526060ab8518419c138fd8b3fa8
7f274f481a0b3c1d4ab4355f993b517688fe298ab18f810c9bb9a7be0ead03c5
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
7fd434d2cc35d0d48b8f1af57b20819dd8e0856702b25d429308cf118aedc855
80abdc7301a85f3723a06e115899beb85170026b040c44834b954be0d2f2af3d
80fc399aaa4b6b07bafe4172e9d61b4d8ee99375ad8d93baf1a4079068bf2a8d
8273304fd0142c815d16b78e336b373d5446fcc4a06167972d581721209fc3ca
8467f50f69b4ba13d832818e723265e1c3b84a84c4922ee04038ec9afb2536af
84abd876d13a988990a568311363114bc8bc52813bee1a8ab45e615409432a89
88d6624cced4fc50d398d759513b1475da2c29dca62572afa65859bea2950dbd
89fca6632a242cec71747b561ec72831e28fd40b32d5c7224ea9e930920abbaf
8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce
8ca1ad69d89ef8dc52c67324f495bb2854e9d24ecbde26124a3ffaf97c583ac4
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
8dc5efb54fd57b45f42c88690d9e007d839b2751c9d7aaff034e19b26987da0a
90a0a692795e552c341d7bd98cb76ce5fc5a9ace287a92ac44ce0e6fe93b034f
93537d697045b80412468583455a9bbddde790f26b7e5d32478b4670bef2f9d2
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
97b3832a6eb1cc03df88d970466188387eb192bfadabd72adc36cd6fb237048f
97cdc95ae752a7e56eceff8344e7d9c090fe1e89429f8dbee37ef7901b7bf582
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
98dee1487d483d30fb6eff137cddef164dab516b65d150cf5130b5c0e5aa84e7
99bf9ad7ec642dd64dbc36739410459b24b712ccd93119d1939faab70fb18010
9a54e6b1253d785972ccaab75a888119d13083bfb1f80343aef9454d5cd5bb6d
9b69399569237ff386301a82562ff6b21c1d31370b29928025cee63b7252f848
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
9ef6df13f769714a1570f6745de205d19abaa548bd7e7aa6f369322daaf7fd47
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a02acce44f2c6df068972d20e54f5b2632f994db79a2ed7f907fd378033411ef
a246d3b32e96e5be9895096c5ea8f5cfae47e44ed5899cd8831be7dcbf4ef4a6
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
a70b993e6415ddfd66ea6ee209e3ab2fa3f88b0d3e4329aec59cffedf2c32db6
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
aa1335a729ab925863a4ad91486df4788b5e21270710d4425d4b8a996424cc9a
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
accb119a0fd0678caac3049b83febfa94766cdcd6543e33c86941567a198cc2c
afdf5fff446a3ee3e29812d8e65c68684ac84cead6f983f7a853693043f2d2b2
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b206fa21311d004bf5e85a9738291729a149639b46e2314554974f2576d1ba22
b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc
b3bce010c0f5a7c24a82ae511194baf67bf8c2cee737a3a118f6b9590d322b15
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
b66f0a49c8aaa021de49b5fe360c3491c31cbaa666603e9d123471ad54c87836
b79c84ddf5270495aedad399a30f1aee0be8dcdf300ad82100b11e5f20794ac1
b7f807205142bbe9c42e24df2a3bcdaf29b0027d7a21b7fa9fe816c39d6dc3db
b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37
b859f5a4a3a38dc9c24cc1a91ea0d5d042233a0d1317825cd57d61a66a4d8047
b8ddc3470edc7a111bea28ba1a359f3658287f6ff947a90d204fd823f1dc1f03
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c0ec1675a7022073ed7762502520d3da56799f4484eb94f2bc602f5bf70a24fa
c169d3a6b25c23bc8f59de150ffa813355f27ef131efe35560c0699716522650
c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5
c5120cc81a49d97d9062a1d625e5b6afe198152ec2c9bb293f60e082cbc5f956
c5c0a2fc2af2da0bd368ce75fe3640564ef3f1c6e2a70e04bdf4a859c102e9a3
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b
c68861e0a0128c97407e9710410738ed32b2a33f3bf3d774a875070998ad8b2c
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
c7c106355855a0cf4f67dc92698c788745ac22b3c5dd2e2ca851a9e73d323982
c92c0f0212bf6efc3a0c014766a9161a48a3b2879522ec3050fac8e86ce39073
c939c941aba39a0f4d0e9ad56a9fcb9897d42c0283c80e9d10341ef89a0870e7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb99aa845ebc533d9160813becfcf72cbfb1f8ef33f096a99db55ab6daf4015b
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd886a01f6af8332fc28434bfeb5fb5c29e3417d31b0f8d52c1fd60bafafba8
d099df5c26f40dda64e93e09c8ae6c37a4de4ee36fabb10e3c40b7274b982c88
d20d689e67d7e16e67057d278f9e1f38e416880fa0a9f448a6bd9ba30a999a7e
d28059c72651b9cf1aea80d6192d604a152fe8673ad7efa57d0edb3688697b60
d35afa9efa47ecc126d99ecb0d56b8100fc7c7e986269a057e6affc1cdfeee7e
d3f274945138b46f471efb16209958920222ef219cf795a9107e75a61cf99e99
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d5a8391f2f237d594be86bd7e8b032216983a3fb1f802f85170266e75112de2b
d72995ef7e52dafc770a56457038f77d59a619a426132bfe914ba3ba4f683640
d94fa0a7e38809041e356a8442c08f06cf4cfb944c714d71ad8f4d9d24fd96b3
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da6b4290167c5703f8318b1044225ea15738903d2a77c9180fd6b2a2c922d1df
dc987654372c681461a1ab9e9835fc0006367829e3f0cdccee51081109d7868f
df37f88dc6f728b0ff765fa8d1c5c5f77cf6e3a3ad79bcd5857868ca79b72513
e1664a77688777034a07c45a464393a7580d7c1493907a52a3964a5e6a2a32c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e7264a77685f244c6ea46096933d22ef8698d2ed8212564168bc6839d852ab9a
e85f321211dd46eaf7f889826ecb61273dd5b452178e5ff80cfc6ac09538b7fc
eaee23e58c205d4c6cf7bd926e6a02e09d615f08775aef44b9387f0c26a13007
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f30cd20987aaa1752003518fa1056969436cd06997c9d923d1e83bc1c80d000f
f35a2f428025cb879006767f73dae220984f31ec77698a3deb16ae9b69c9db7f
f3d5781bb4f8ebe84d7dec3c75557341734b0097576b9a8a44d500bc9b28f382
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
f8112209cec2123efc61574a748d65e346ffd80acc0784182ca7f80c1bdd7820
f869f4cb68f99dfd2565886a1db8d086c5753ec325dc80170c23238b284da0db
f949e43a1f1b3513e2f44de12b2814e465d995adf31c6e7f141dcfe7c0ae3b10
f9c0780e7f6e532536ae33d56306f18e6d4fc047e67fd9bbaaa7f1272a72e8d7
fb322d9e801b20f445402380d99d144e674abdc4821c6b5d30936c0ecfe381ab
fcd001829961436ce02f62f8a16cdfc1f4443074f6d8af8718c259458207d347
fd456c061616e28d3c5c327d2f05afde8a3d9dd203d8d4396bd17dc2a4c0c313
fdf9c60a89d13818f6a1cd744c71f31ef7c3e07b51ddf66b9f2dabe5ab32e0bf
fead775e27c60b9db2cbaa1304ccf7a7a50f1a334806a9665f0620f2ebe83775
ff767a6bcc2156ffc4c7000b986252739b50f97136912100ef45f91e69b1a2ed