www.thestar.com Open in urlscan Pro
192.104.182.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thestar.com///?redirect\=true\/contests.html
Effective URL:
https://www.thestar.com///?redirect\=true\/contests.html
Submission: On September 19 via api (September 19th 2024, 6:49:56 pm UTC) from US — Scanned from DE

Summary HTTP 193 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 61 IPs in 7 countries across 39 domains to perform 193 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 237926.
TLS certificate: Issued by WR1 on September 19th 2024. Valid for: 3 months.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
52	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.160.43.93 34.160.43.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	13.107.253.44 13.107.253.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	104.64.126.246 104.64.126.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
20	18.239.208.117 18.239.208.117	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:1800:8:2ae1:d740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	158.101.223.79 158.101.223.79	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	20.54.140.8 20.54.140.8	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1f18:44f... 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	34.149.155.241 34.149.155.241	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	142.250.185.200 142.250.185.200	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1	18.245.31.123 18.245.31.123	16509 (AMAZON-02) (AMAZON-02)
1	13.32.119.202 13.32.119.202	16509 (AMAZON-02) (AMAZON-02)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.228.160.99 54.228.160.99	16509 (AMAZON-02) (AMAZON-02)
5	13.35.58.148 13.35.58.148	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	52.55.86.201 52.55.86.201	14618 (AMAZON-AES) (AMAZON-AES)
1	34.243.156.227 34.243.156.227	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
1 1	34.252.69.234 34.252.69.234	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a04:4e42::84 2a04:4e42::84	54113 (FASTLY) (FASTLY)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
1	3.161.75.65 3.161.75.65	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.12.47.65 52.12.47.65	16509 (AMAZON-02) (AMAZON-02)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
1	172.66.0.227 172.66.0.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2600:1f18:143... 2600:1f18:1430:9000:45be:690a:e1e9:1615	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
193	61

9 192.104.182.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4bd8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.43.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.43.160.34.bc.googleusercontent.com

thestar.solutions.cdn.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.253.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.webtrends-optimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.239.208.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-208-117.bru50.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1800:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.101.223.79 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.54.140.8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ots.webtrends-optimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.155.241 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 241.155.149.34.bc.googleusercontent.com

thestar.cloud.optable.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-123.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.119.202 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-202.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.160.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-160-99.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.35.58.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-148.fra60.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.86.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-86-201.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.156.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-156-227.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.69.234 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-69-234.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

14475035.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.75.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-75-65.fra56.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.12.47.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-47-65.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:1430:9000:45be:690a:e1e9:1615 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pixel.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 23973	602 KB
32	thestar.com www.thestar.com — Cisco Umbrella Rank: 237926 resources.thestar.com — Cisco Umbrella Rank: 240580 s.thestar.com — Cisco Umbrella Rank: 357604 pixel.thestar.com	239 KB
15	google.com www.google.com — Cisco Umbrella Rank: 3 accounts.google.com — Cisco Umbrella Rank: 16 news.google.com — Cisco Umbrella Rank: 6737 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 688 region1.analytics.google.com — Cisco Umbrella Rank: 4054	297 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	972 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 ad.doubleclick.net — Cisco Umbrella Rank: 153 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 14475035.fls.doubleclick.net — Cisco Umbrella Rank: 383931	183 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	506 KB
6	webtrends-optimize.com c.webtrends-optimize.com — Cisco Umbrella Rank: 46084 ots.webtrends-optimize.com — Cisco Umbrella Rank: 44772	51 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 1827	40 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 975	4 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 px4.ads.linkedin.com — Cisco Umbrella Rank: 6795	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 356 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 667 aax.amazon-adsystem.com — Cisco Umbrella Rank: 466	84 KB
4	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 869 api.btloader.com — Cisco Umbrella Rank: 1033	20 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 361	15 KB
3	google.de www.google.de — Cisco Umbrella Rank: 10137	189 B
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 256 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 322451	2 KB
3	optable.co thestar.solutions.cdn.optable.co — Cisco Umbrella Rank: 375248 thestar.cloud.optable.co — Cisco Umbrella Rank: 343975	8 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	4 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3419 p1.parsely.com — Cisco Umbrella Rank: 2510	27 KB
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 1957 alb.reddit.com — Cisco Umbrella Rank: 1372	724 B
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1018	25 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1069	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	151 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	4 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 907	1 KB
2	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 11218 i.viafoura.co — Cisco Umbrella Rank: 11087	3 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	7 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 194	2 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 932	724 B
1	t.co t.co — Cisco Umbrella Rank: 834	625 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1402	174 B
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 782	14 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 875	15 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1463	490 B
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 304561	74 B
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 11262	15 KB
1	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1023	20 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 502	10 KB
1	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3218	46 KB
193	39

	Domain	Requested by
52	bloximages.chicago2.vip.townnews.com	www.thestar.com bloximages.chicago2.vip.townnews.com
20	resources.thestar.com	www.thestar.com resources.thestar.com
11	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
9	www.thestar.com	www.thestar.com
5	cdn.segment.com	www.thestar.com cdn.segment.com
5	fonts.gstatic.com	fonts.googleapis.com www.thestar.com
5	c.webtrends-optimize.com	www.thestar.com c.webtrends-optimize.com
4	ct.pinterest.com	s.pinimg.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	news.google.com	www.thestar.com news.google.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	bat.bing.com	www.thestar.com bat.bing.com
3	www.google.de	www.thestar.com
3	stats.g.doubleclick.net	www.googletagmanager.com
3	region1.analytics.google.com	www.googletagmanager.com
3	www.google.com	www.thestar.com www.gstatic.com
2	www.facebook.com	www.thestar.com
2	14475035.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	www.redditstatic.com	www.thestar.com www.redditstatic.com
2	connect.facebook.net	www.thestar.com connect.facebook.net
2	s.thestar.com	resources.thestar.com www.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	api.btloader.com	btloader.com
2	unpkg.com	1 redirects www.thestar.com
2	ad.doubleclick.net	www.thestar.com
2	ad-delivery.net	www.thestar.com
2	thestar.cloud.optable.co	thestar.solutions.cdn.optable.co
2	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
2	fonts.googleapis.com	www.thestar.com
2	securepubads.g.doubleclick.net	www.thestar.com securepubads.g.doubleclick.net
2	btloader.com	1 redirects www.thestar.com
1	p1.parsely.com	www.thestar.com
1	sb.scorecardresearch.com	www.thestar.com
1	pixel.thestar.com	connect.facebook.net
1	analytics.twitter.com	www.thestar.com
1	t.co	www.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	api.segment.io	cdn.segment.com
1	px4.ads.linkedin.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	alb.reddit.com	www.thestar.com
1	pixel-config.reddit.com	www.redditstatic.com
1	snap.licdn.com	www.thestar.com
1	static.ads-twitter.com	www.thestar.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	i.viafoura.co	www.thestar.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	www.gstatic.com	www.google.com
1	api.viafoura.co	cdn.viafoura.net
1	ots.webtrends-optimize.com	c.webtrends-optimize.com
1	torstar.gscontxt.net	www.thestar.com
1	cdn.viafoura.net	www.thestar.com
1	accounts.google.com	www.thestar.com
1	tags.crwdcntrl.net	www.thestar.com
1	cdn.ampproject.org	www.thestar.com
1	micro.rubiconproject.com	www.thestar.com
1	thestar.solutions.cdn.optable.co	www.thestar.com
193	60

This site contains links to these domains. Also see Links.

Domain
www.northstarbets.ca
readerschoice.thestar.com
obituaries.thestar.com
diversions.thestar.com
notices.torstar.com
policies.google.com
www.tsoffers.ca
toriservices.newscyclecloud.com
careers.smartrecruiters.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
www.newspapers.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
www.microsoft.com
www.google.com
www.mozilla.org

Subject Issuer	Validity	Valid
thestar.com WR1	`2024-09-19` - `2024-12-18`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
thestar.solutions.cdn.optable.co WR3	`2024-09-17` - `2024-12-16`	3 months	crt.sh
*.webtrends-optimize.com Go Daddy Secure Certificate Authority - G2	`2024-02-27` - `2025-03-29`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
misc-sni.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
accounts.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.news.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.thestar.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-26`	a year	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
viafoura.com Amazon RSA 2048 M03	`2024-07-09` - `2025-08-07`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-12-09`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
join.ca.optable.co R11	`2024-09-12` - `2024-12-11`	3 months	crt.sh
ad-delivery.net WE1	`2024-09-12` - `2024-12-11`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
api.btloader.com WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.google.de WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
s.thestar.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-25` - `2025-08-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-28` - `2024-09-26`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-09-11` - `2025-03-11`	6 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
t.co E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
pixel.thestar.com Amazon RSA 2048 M03	`2024-04-09` - `2025-05-08`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.thestar.com///?redirect\=true\/contests.html
Frame ID: EA668E8A3A1D868A7BD1D3113DE04250
Requests: 189 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1726771790973&publicationId=thestar.com
Frame ID: 43780D42A281999D9238B2E44DE3E3A1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=jqilu9k3cz9z
Frame ID: 7E88A5BA86ECE0CDD135807777B31960
Requests: 1 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 6746C6DBE7C3F825B70F6D66A10D1619
Requests: 1 HTTP requests in this frame

Frame: https://14475035.fls.doubleclick.net/activityi;dc_pre=CN-hgprWz4gDFavZEQgdhxEdvA;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49h0v9190903233za200zb72758733;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tcfd=10001;tag_exp=101533421;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html
Frame ID: EE876720F56B473C4EB150F815E7CEB4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=EGbODne6buzpTnWrrBprcfAY&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
Frame ID: 21173B84A1E5239BF773804214424721
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 4D53C640EC5A0F0BD00D783B65C86E8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking News - Headlines & Top Stories | The Star

Page URL History Show full URLs

http://www.thestar.com///?redirect\=true\/contests.html HTTP 307
https://www.thestar.com///?redirect\=true\/contests.html Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

193
Requests

97 %
HTTPS

36 %
IPv6

39
Domains

60
Subdomains

61
IPs

7
Countries

3386 kB
Transfer

9824 kB
Size

41
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.northstarbets.ca/page?key=ej0xMzUyNzc3NCZsPTEzNTI3NzcyJnA9MzQ2MQ%3D%3D&ut[%E2%80%A6]hStarBets__&utm_content=custom/tracking_sportsbettinglogo
Title: Betting

Search URL Search Domain Scan URL

URL: https://readerschoice.thestar.com/readerschoice-toronto/
Title: Readers’ Choice Awards

Search URL Search Domain Scan URL

URL: https://obituaries.thestar.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: Fun & Games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: Comics

Search URL Search Domain Scan URL

URL: https://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://notices.torstar.com/privacy-policy/index.html
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: https://careers.smartrecruiters.com/Torstar/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: https://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: https://www.newspapers.com/?iid=619
Title: Newspapers.com Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www&referrer=utm_source%3Dweb-driver%26utm_medium%3Ddriver%26utm_content%3Dfooter

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thestar.com///?redirect\=true\/contests.html HTTP 307
https://www.thestar.com///?redirect\=true\/contests.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://btloader.com/tag?o=5071905434894336&upapi=true&async=true HTTP 302
https://btloader.com/tag?o=5071905434894336&upapi=true

Request Chain 91

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

Request Chain 124

https://cm.everesttech.net/cm/dd?d_uuid=15340580087920233570140677262745688854 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZuxyTwAAAE0ZIQNn

Request Chain 160

https://14475035.fls.doubleclick.net/activityi;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49h0v9190903233za200zb72758733;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tcfd=10001;tag_exp=101533421;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html HTTP 302
https://14475035.fls.doubleclick.net/activityi;dc_pre=CN-hgprWz4gDFavZEQgdhxEdvA;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49h0v9190903233za200zb72758733;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tcfd=10001;tag_exp=101533421;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html

Request Chain 170

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1726771791656&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1726771791656&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&e_ipv6=AQI4f0UC6qUiXgAAAZILnofL5UhCDIXkEuKCIJ_uwGmMr-FhQxITlkf15PerY83Za_z8t4fktsHyNw

193 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com///
Redirect Chain

http://www.thestar.com///?redirect\=true\/contests.html
https://www.thestar.com///?redirect\=true\/contests.html

576 KB
84 KB

1120ms
861ms

Document
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

4c53ebdf43a70f4c7fcbc14745b469f71d14380e976a2f0e63eccdcd88330852

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding: gzip
content-length: 83869
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 19 Sep 2024 18:49:50 GMT
etag: W/1864526061df11e15867535a89aa4ed4
last-modified: Thu, 19 Sep 2024 18:49:49 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.81.0; app10; 0.68s; 8.9M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xrds-location: https://www.thestar.com/tncms/xrds/
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.thestar.com///?redirect\=true\/contests.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 128ms
58ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"60e609f2-1882c"
age: 16427764
expires: Thu, 13 Mar 2025 15:33:06 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209ef93d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38456
server: cloudflare

GET
H2 200 user.js Show response
www.thestar.com/shared-content/art/tncms/user/ 4 KB
2 KB 245ms
244ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e89eba-ee3"
age: 52
accept-ranges: bytes
content-length: 1658
date: Thu, 19 Sep 2024 18:48:58 GMT
last-modified: Mon, 16 Sep 2024 21:10:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 109ms
40ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d726a23-9bd8"
age: 2040561
expires: Thu, 13 Mar 2025 16:43:08 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cf16d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12719
server: cloudflare

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 124ms
55ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66922-841f"
age: 6131352
expires: Thu, 13 Mar 2025 18:00:39 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cf18d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14189
server: cloudflare

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 126ms
57ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-2d77"
age: 16423411
expires: Thu, 13 Mar 2025 16:43:08 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209ef97d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4260
server: cloudflare

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 103ms
34ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f221da-1102"
age: 2119759
expires: Mon, 24 Mar 2025 05:13:10 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Mar 2024 21:59:54 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cf1ad3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1590
server: cloudflare

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 126ms
57ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"654cfaf0-9b8"
age: 16414083
expires: Wed, 27 Nov 2024 05:42:31 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Thu, 09 Nov 2023 15:29:52 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209ef8bd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 910
server: cloudflare

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 100ms
31ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66920-1ac2e"
age: 16414084
expires: Thu, 13 Mar 2025 19:21:08 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cefcd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21439
server: cloudflare

GET
H2 200 layout.a20a82cd2d0545ab6b327211aa0ea22b.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 155 KB
34 KB 105ms
37ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.a20a82cd2d0545ab6b327211aa0ea22b.css

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4adce56d5b9e718c9ae4798c09e85846e80100fd12ed65d3aeb234047028cf35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66be51f6-26c4a"
age: 2590769
expires: Wed, 20 Aug 2025 19:01:07 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:07:34 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cf04d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34404
server: cloudflare

GET
H2 200 oovvuu.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 588 B
416 B 102ms
33ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/oovvuu.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55c6983606eae184b6c555ec5ed37a79f5038a478645e778921e618d74ed7f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-24c"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cf11d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 271
server: cloudflare

GET
H2 200 flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 531 B
397 B 108ms
40ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-text-promo.945a2efac4892ce469180c513f411107.css

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-213"
age: 2034105
expires: Thu, 13 Mar 2025 19:21:47 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cf0bd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 263
server: cloudflare

GET
H2 200 flex-utility-promo-designer.a27bf5e332f0dd667184ad38b7bf1638.css
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 8 KB
2 KB 102ms
34ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6564a924-2021"
age: 2040561
expires: Thu, 28 Nov 2024 08:46:30 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Mon, 27 Nov 2023 14:35:16 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc209cf0ed3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1823
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
74 KB 87ms
36ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3e975506b3ea0835e46460a649d3c7246f3cdc8649f959c02ae392e5febd3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 75546
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 csrf.js Show response
www.thestar.com/shared-content/art/tncms/api/ 940 B
763 B 126ms
125ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/shared-content/art/tncms/api/csrf.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e89eba-3ac"
age: 159
accept-ranges: bytes
content-length: 537
date: Thu, 19 Sep 2024 18:47:10 GMT
last-modified: Mon, 16 Sep 2024 21:10:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 access.3e0b8030b6000aa9a609.js Show response
www.thestar.com/shared-content/art/tncms/api/ 71 KB
29 KB 126ms
126ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e33faa-11c3d"
age: 139
accept-ranges: bytes
content-length: 29787
date: Thu, 19 Sep 2024 18:47:30 GMT
last-modified: Thu, 12 Sep 2024 19:23:22 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
https://btloader.com/tag?o=5071905434894336&upapi=true

56 KB
19 KB

34ms
34ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4bbf8a99bdcfad3ccc24831e2c34b23dcd287f4adf8e40de3f6172a02638f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noindex, nofollow
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
cf-cache-status: HIT
etag: "00b63e3e8d07efb2a3117713ca198986"
age: 952
via: 1.1 google
cf-ray: 8c5bc20c480a65dd-FRA
accept-ranges: bytes
content-length: 19256
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:33:10 GMT
vary: Origin, Accept-Encoding
server: cloudflare

Redirect headers

cache-control: public, max-age=3600, must-revalidate
location: /tag?o=5071905434894336&upapi=true
cf-cache-status: HIT
age: 1035
via: 1.1 google
cf-ray: 8c5bc20bef9765dd-FRA
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 thestar-sdk.js Show response
thestar.solutions.cdn.optable.co/public-assets/ 20 KB
7 KB 90ms
20ms Script
text/javascript 34.160.43.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://thestar.solutions.cdn.optable.co/public-assets/thestar-sdk.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.43.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

93.43.160.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

2557365aebe07e2fca7075a141aaaee399e92906f25ce7b67efa44f0df6c4789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=Qd5EXA==, md5=3qXX2SEZBtb3TuvNDKy3Bg==
etag: "dea5d7d9211906d6f74eebcd0cacb706"
age: 2964
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6837
date: Thu, 19 Sep 2024 18:00:26 GMT
last-modified: Mon, 17 Jun 2024 16:10:36 GMT
content-type: text/javascript
x-guploader-uploadid: AD-8ljudlUjiyFWCB_c9r7TtoRGsSTHCiiFRNiR799gCj_Hfug7EOOIh-qg_yxenHp19FnrDpy_fcx37Mw
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public,max-age=86400,no-transform
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1718640636301683
content-length: 6837
server: UploadServer

GET
H2 200 wt.js Show response
c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/ 60 KB
15 KB 117ms
42ms Script
text/javascript 13.107.253.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3fa20d51f6e21192966bf4681bfcce7de3d481a1bb595dc4a1a556cb7bb8a87f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: "f010-6220606d28c2a-gzip"
x-fd-int-roxy-purgeid: 76272151
expires: Thu, 19 Sep 2024 20:05:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 15324
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 13 Sep 2024 20:25:39 GMT
vary: Accept-Encoding
x-azure-ref: 20240919T184950Z-15f966665cflxjqlbug3gr646g000000016000000000g1dt

GET
H2 200 axate-helper.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 6 KB
2 KB 43ms
38ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/axate-helper.js?_dc=1726680940

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cde2b88166202ca02bb7edb492dc4b4873134bf0d524245240458b8ec058823

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6c-1947"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 17:35:40 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a2873d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2387
server: cloudflare

GET
H2 200 edition-selector.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 8 KB
2 KB 42ms
38ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/edition-selector.js?_dc=1726680940

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6c-2076"
age: 1264
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 17:35:40 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20baeeed3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2252
server: cloudflare

GET
H2 200 footer.nav.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 2 KB
725 B 40ms
36ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/footer.nav.js?_dc=1726680940

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57c6c8ef16f19b7a2e015a857f3f43bc4997fb5044f8dd62644329ba4a8420dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6c-999"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 17:35:40 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20baf01d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 639
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 107 KB
32 KB 86ms
38ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

eaf2bfe18b639cdca8455270dc66be66b931054b6be9447137220137e716cb40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
etag: 349 / 19985 / 31087260 / config-hash: 11398383833200361203
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33044
x-xss-protection: 0
server: cafe

GET
H2 200 18488.js Show response
micro.rubiconproject.com/prebid/dynamic/ 147 KB
46 KB 212ms
84ms Script
text/javascript 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/18488.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11 /
Resource Hash: 868363ef2870b0754aff551f47a8058255af7768783bbc152711cd4552fb7f0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

edge-cache-tag: prod-prebid-No.Wrapper.js
cache-control: public, must-revalidate, max-age=14400
content-encoding: gzip
expires: Fri, 20 Sep 2024 15:42:58 GMT
content-length: 47219
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript;charset=UTF-8
vary: accept-encoding, referer
server: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
967 B 80ms
34ms Script
text/javascript 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

ESF /

Resource Hash

94f5196fd2a0e77ac5f6bbf268c53e36d4fc6bfe33cca0e3ca31fe4fb675a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 19 Sep 2024 18:49:50 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
312 B 40ms
36ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"654cfaf3-cf"
age: 15518230
expires: Wed, 27 Nov 2024 08:42:36 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Thu, 09 Nov 2023 15:29:55 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a2877d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
server: cloudflare

GET
H2 200 tracking.js Show response
www.thestar.com/shared-content/art/tncms/ 3 KB
1 KB 235ms
230ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66e89eba-a3a"
age: 273
accept-ranges: bytes
content-length: 1157
date: Thu, 19 Sep 2024 18:45:17 GMT
last-modified: Mon, 16 Sep 2024 21:10:18 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 save.asset.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 2 KB
756 B 52ms
49ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/save.asset.js?_dc=1726680940

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6c-721"
age: 90459
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 17:35:40 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20bbf0ed3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 674
server: cloudflare

GET
H2 200 fontawesome.48f6e778a25162f5c4a6977fb556155b.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 277 KB
115 KB 42ms
39ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e2e-45518"
age: 172004
expires: Wed, 17 Sep 2025 19:01:05 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:06 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20bbf17d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 117608
server: cloudflare

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
10 KB 120ms
31ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

609ce752d099830d428c2ea4768baa950acb7688a632d909846b8b1dec821cec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
etag: "25bc0e2caa2b93af"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 8920
x-xss-protection: 0
server: sffe

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/17837/ 64 KB
20 KB 75ms
21ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/17837/lt.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cffa4a2e51b8ad951cfed21a095c9678f3fb7032df3edd501b4781036d0226a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ae639cabb50243762cadecbc37788f5d"
age: 70492
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: GpBj-WhNXD-hB-7nFpaw_YXJLJN8K1T1IyVAqeXPFvQsCatSWRMCjg==
date: Wed, 18 Sep 2024 23:17:54 GMT
content-type: text/javascript
last-modified: Fri, 13 Sep 2024 18:05:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
86 KB 109ms
41ms Script
application/javascript 2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3277bd08bf37f1fd5af9c3b1cc9c81281977dc85021fb0b9f1f86c8c6e9a5925

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rpPh_HDds1pryHwHZqF5vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rpPh_HDds1pryHwHZqF5vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Thu, 19 Sep 2024 18:49:50 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 244 KB
71 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232aed844628184741345b9bda7b612b47351c26b74261501275522bc4bfd135

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
age: 1625
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 19:12:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:22:45 GMT
last-modified: Wed, 18 Sep 2024 21:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
cross-origin-opener-policy: same-origin; report-to="news-frontend"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges: bytes
content-length: 72273
x-xss-protection: 0
server: sffe

GET
H2 200 launch-9387fe3a1e9f.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/ 355 KB
82 KB 143ms
41ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c31031c62e3de4b8e4b8edf0cb95328e1d678b1db4dd84d637ff02a32eb1136a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"67914e0026fed3b77bb90e86d65a9970"
age: 1458
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: cDmhv-EUVkpPjV8SHtK-Lk7OGx66_bKL8LlkkdkRHXxzDn6U1NO59w==
date: Thu, 19 Sep 2024 18:25:33 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 css2
fonts.googleapis.com/ 37 KB
2 KB 90ms
35ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a76ff167d7d530e0a4d45c331ac37dd1ad59b0c32b1a80e3906cb50d88e0f3b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 18:49:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 navigation.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 10 KB
3 KB 39ms
34ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/navigation.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-28b1"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a287ed3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2468
server: cloudflare

GET
H2 200 pages.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 198 B
249 B 45ms
40ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/pages.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-c6"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a2880d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 168
server: cloudflare

GET
H2 200 blocks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 5 KB
2 KB 45ms
40ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/blocks.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-12e6"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a2881d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1482
server: cloudflare

GET
H2 200 utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 628 B
478 B 43ms
39ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/utilities.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-274"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28a4d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 396
server: cloudflare

GET
H2 200 global.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 39 KB
9 KB 53ms
49ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9c0780e7f6e532536ae33d56306f18e6d4fc047e67fd9bbaaa7f1272a72e8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-9c15"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28aad3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8928
server: cloudflare

GET
H2 200 stn.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 3 KB
858 B 46ms
42ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/stn.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-ded"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28afd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 776
server: cloudflare

GET
H2 200 storypacks.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 52 KB
7 KB 43ms
39ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/storypacks.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d72995ef7e52dafc770a56457038f77d59a619a426132bfe914ba3ba4f683640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-cfe5"
age: 1264
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28b3d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6725
server: cloudflare

GET
H2 200 utilities.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 34 KB
9 KB 47ms
44ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/utilities.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b69399569237ff386301a82562ff6b21c1d31370b29928025cee63b7252f848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-8999"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28b6d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8919
server: cloudflare

GET
H2 200 user-controls.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 6 KB
2 KB 51ms
48ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/user-controls.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80abdc7301a85f3723a06e115899beb85170026b040c44834b954be0d2f2af3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-1839"
age: 1264
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28bbd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1734
server: cloudflare

GET
H2 200 icons.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 13 KB
1 KB 49ms
45ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ebc1e62c024fc610ffd18df157488dfa4321fc8db7222d9db66e92e1afe7b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-3369"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28bed3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1201
server: cloudflare

GET
H2 200 staronly.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 223 B
261 B 46ms
43ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/staronly.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-df"
age: 90321
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28c1d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 175
server: cloudflare

GET
H2 200 site.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 339 B
352 B 49ms
46ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/site/resources/styles/site.css?_dc=1671043982

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"639a1b8e-153"
age: 16414083
expires: Thu, 28 Nov 2024 08:06:00 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 14 Dec 2022 18:53:02 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28c6d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 218
server: cloudflare

GET
H2 200 primis.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/ 258 B
314 B 62ms
59ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/primis.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f869f4cb68f99dfd2565886a1db8d086c5753ec325dc80170c23238b284da0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-102"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a28cdd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 174
server: cloudflare

GET
H2 200 tracker.js Show response
www.thestar.com/shared-content/art/stats/common/ 9 KB
3 KB 233ms
230ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"66159e4b-2200"
age: 219
accept-ranges: bytes
content-length: 3224
date: Thu, 19 Sep 2024 18:46:10 GMT
last-modified: Tue, 09 Apr 2024 20:00:11 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 31c48758-8d44-11ed-8c30-0bcb8697ec11.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 1 KB
1 KB 51ms
48ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/31c48758-8d44-11ed-8c30-0bcb8697ec11.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "63b74833-552"
age: 2039655
cf-cache-status: HIT
expires: Fri, 22 Aug 2025 21:47:58 GMT
cf-polished: origFmt=png, origSize=1362
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/webp
content-disposition: inline; filename="31c48758-8d44-11ed-8c30-0bcb8697ec11.webp"
vary: Accept
last-modified: Thu, 05 Jan 2023 21:59:15 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a38e6d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1086
server: cloudflare

GET
H2 200 66eafee25aabb.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/c/27/c273c713-8ae1-5913-8114-43ad7ad575b0/ 95 KB
95 KB 53ms
50ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/c/27/c273c713-8ae1-5913-8114-43ad7ad575b0/66eafee25aabb.image.jpg?crop=1280%2C853%2C0%2C6&resize=1200%2C800&order=crop%2Cresize

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc6b418b5a68f50966ec33b5ded2116b6e20a95fd027630285373f24a3df69ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "c2d8eabdf8baf33f77539f13427b119b"
age: 5205
cf-cache-status: HIT
expires: Fri, 19 Sep 2025 08:52:16 GMT
cf-polished: origSize=104784, status=webp_bigger
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/jpeg
last-modified: Wed, 18 Sep 2024 16:25:07 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20a38ebd3b9-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 66ec65c026f38.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/b/b4/bb4e6369-3111-5a63-97c1-29bc946d69f6/ 134 KB
135 KB 38ms
38ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/b/b4/bb4e6369-3111-5a63-97c1-29bc946d69f6/66ec65c026f38.image.jpg?crop=1763%2C1175%2C0%2C0&resize=1200%2C800&order=crop%2Cresize

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fa49b5af1a24856283635a2ce2a2e0fb9d1efc6e13c8cf3e3f8442647c1e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "f217c2373de5972fced52ec6ee364d22"
age: 938
cf-cache-status: HIT
expires: Fri, 19 Sep 2025 18:19:49 GMT
cf-polished: origSize=143312, status=webp_bigger
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 17:56:21 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20adb64d3b9-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 2faeee7c-8d44-11ed-8c18-eb5483a10695.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/ 1 KB
1 KB 65ms
64ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/custom/image/2faeee7c-8d44-11ed-8c18-eb5483a10695.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "63b7482f-609"
age: 16423410
cf-cache-status: HIT
expires: Thu, 13 Mar 2025 16:43:11 GMT
cf-polished: origFmt=png, origSize=1545
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/webp
content-disposition: inline; filename="2faeee7c-8d44-11ed-8c18-eb5483a10695.webp"
vary: Accept
last-modified: Thu, 05 Jan 2023 21:59:11 GMT
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20adb83d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1228
server: cloudflare

GET
H2 200 subscription-landing.css
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/ 11 KB
3 KB 34ms
34ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/subscription-landing.css?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8112209cec2123efc61574a748d65e346ffd80acc0784182ca7f80c1bdd7820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-2d1c"
age: 90186
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/css
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20b2cf0d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2644
server: cloudflare

GET
H2 200 newsletter-helper.min.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 363 B
401 B 40ms
39ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/newsletter-helper.min.js?_dc=1726680940

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

457e85861044e6c6ed188aee506092571f5ba71759bbc1de4340ece02b69194e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6c-16b"
age: 90460
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 17:35:40 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20b4d59d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 278
server: cloudflare

GET
H2 200 tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 14 KB
5 KB 33ms
33ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.ee10a41bfea60001b9edb7ab35e5c9e1.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65f221dd-3662"
age: 2039654
expires: Wed, 19 Mar 2025 19:01:16 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 13 Mar 2024 21:59:57 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20b6dc1d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5096
server: cloudflare

GET
H2 200 sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 4 KB
2 KB 34ms
33ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sticky-kit.cd42d35abf643b0a78798fe03bf6bc83.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66922-1010"
age: 15518069
expires: Thu, 13 Mar 2025 16:43:08 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20b8e5bd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1501
server: cloudflare

GET
H2 200 tnt.regions.e7df22f20c42105cce5864da9e346f48.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 41ms
36ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.e7df22f20c42105cce5864da9e346f48.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66be51f3-1041"
age: 2119757
expires: Wed, 20 Aug 2025 19:01:08 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Aug 2024 19:07:31 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20baedad3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1560
server: cloudflare

GET
H2 200 promo_popup.min.js Show response
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/ 4 KB
1 KB 40ms
35ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/scripts/promo_popup.min.js?_dc=1726680940

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cc3ab827174b3c8924eff21bec7589249a6150d4c9022fa52f4ffb27416db08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6c-ef1"
age: 90460
expires: Thu, 18 Sep 2025 17:40:46 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Sep 2024 17:35:40 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20baee3d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1256
server: cloudflare

GET
H2 200 index.js Show response
cdn.viafoura.net/entry/ 45 KB
15 KB 85ms
27ms Script
text/javascript 2600:9000:223c:1800:8:2ae1:d740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/entry/index.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1800:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 403157f1da5460465e0156ec5f3b9a21270b545805b43ac4137572027f21296c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
x-amz-version-id: 4zRUbjUblLa0McYpjJIZUcC.BkzbkEbQ
etag: W/"42bb2348acebf89096f92674b711372a"
age: 74
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 7uDvb05l4-M6O9zZdwBXiklXGzCrQdBa-wz8yh17XzKa_AfgdHQX-A==
date: Thu, 19 Sep 2024 18:48:37 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 17 Sep 2024 13:59:35 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=600,s-max-age=60
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 84ms
27ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"f2dd6786b4537f2bb6a3e22886b855f2"
age: 3517
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: hxGyk0oOnJunzOyQ47kqEm1qX-zcBFyw3XwcWALQHKN7FWzmJNEw4A==
date: Thu, 19 Sep 2024 17:51:14 GMT
content-type: application/javascript
last-modified: Wed, 28 Aug 2024 22:46:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
x-amz-server-side-encryption: AES256

GET
H2 200 sizzle.min.js Show response
c.webtrends-optimize.com/acs/common/js/5.4/ 19 KB
8 KB 26ms
25ms Script
text/javascript 13.107.253.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.webtrends-optimize.com/acs/common/js/5.4/sizzle.min.js
Requested by: Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a70b993e6415ddfd66ea6ee209e3ab2fa3f88b0d3e4329aec59cffedf2c32db6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
etag: "4d8a-58242ec738780-gzip"
x-fd-int-roxy-purgeid: 76272151
expires: Thu, 19 Sep 2024 14:03:54 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 7375
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 19 Feb 2019 17:53:50 GMT
vary: Accept-Encoding
x-azure-ref: 20240919T184950Z-15f966665cflxjqlbug3gr646g000000016000000000g1e1

GET
H2 200 common.js Show response
c.webtrends-optimize.com/acs/common/js/5.4/ 20 KB
7 KB 26ms
25ms Script
text/javascript 13.107.253.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.webtrends-optimize.com/acs/common/js/5.4/common.js
Requested by: Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cfd886a01f6af8332fc28434bfeb5fb5c29e3417d31b0f8d52c1fd60bafafba8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
etag: "516e-5bd09eb477b58-gzip"
x-fd-int-roxy-purgeid: 76272151
expires: Thu, 19 Sep 2024 12:24:59 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 6511
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 08 Mar 2021 17:39:43 GMT
vary: Accept-Encoding
x-azure-ref: 20240919T184950Z-15f966665cflxjqlbug3gr646g000000016000000000g1e2

GET
H2 200 wt_debugger.js Show response
c.webtrends-optimize.com/acs/common/js/5.4/ 4 KB
2 KB 26ms
25ms Script
text/javascript 13.107.253.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.webtrends-optimize.com/acs/common/js/5.4/wt_debugger.js
Requested by: Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0f28f8ef3c65ede1c3171b6e44188fca93e15b53d362d0bbb9a22c93d3f73fdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
etag: "10d0-5bd09eb4d5758-gzip"
x-fd-int-roxy-purgeid: 76272151
expires: Fri, 20 Sep 2024 01:24:08 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 1720
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 08 Mar 2021 17:39:43 GMT
vary: Accept-Encoding
x-azure-ref: 20240919T184950Z-15f966665cflxjqlbug3gr646g000000016000000000g1e3

GET
H2 200 wt_lib.js Show response
c.webtrends-optimize.com/acs/common/js/5.4/ 69 KB
19 KB 26ms
26ms Script
text/javascript 13.107.253.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.webtrends-optimize.com/acs/common/js/5.4/wt_lib.js
Requested by: Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/accounts/cfa16dfe-2c13-4c6e-8cb4-c532d090eb72/js/wt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 249f5da01a64c4809b00baa1f828e663e91a52268689c84332b5157ee96ee1a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
etag: "1143c-5bd09ebc0d1d8-gzip"
x-fd-int-roxy-purgeid: 76272151
expires: Thu, 19 Sep 2024 16:44:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_HIT
content-length: 18846
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 08 Mar 2021 17:39:51 GMT
vary: Accept-Encoding
x-azure-ref: 20240919T184950Z-15f966665cflxjqlbug3gr646g000000016000000000g1e4

GET
H2 200 channels.cgi Show response
torstar.gscontxt.net/main/ 26 B
74 B 105ms
29ms Script
application/javascript 158.101.223.79
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.101.223.79 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 01594e833d67163c5d71c470fb205ab5dcea6c114cb3408c3aed83d139697c36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-type: application/javascript
content-length: 26

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 290 KB
99 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ddf1466b3e00367c51b294a49a96c6b83344c49d22f7993b31a0caf3af4d0bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/javascript; charset=UTF-8
vary: *
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 101241
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tracker.gif
www.thestar.com/shared-content/art/stats/common/ 0
145 B 123ms
123ms Image
image/gif 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thestar.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=1726771790655101016001200694693005051&tnms_dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&tnms_upage=1&tnms_do=www.thestar.com&tnms_uri=///%3Fredirect%5C%3Dtrue%5C/contests.html&tnms_ref=&rt=1726771790656
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-vcache: MISS
cache-control: no-cache, no-store
etag: "48f79fed-0"
age: 0
accept-ranges: bytes
content-length: 0
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/gif
last-modified: Thu, 16 Oct 2008 20:11:25 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 Toronto_Star_logo.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/ 6 KB
2 KB 31ms
30ms Image
image/svg+xml 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/publication-logos/Toronto_Star_logo.svg?_dc=1726680938

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66eb0f6a-16bb"
age: 90459
expires: Thu, 18 Sep 2025 17:40:41 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/svg+xml
last-modified: Wed, 18 Sep 2024 17:35:38 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20bbf38d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2372
server: cloudflare

GET
H2 200 guest.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 662 B
495 B 33ms
33ms Image
image/svg+xml 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/guest.svg

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1726680938

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/common/icons.css?_dc=1726680938

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65e8b710-296"
age: 2119759
expires: Thu, 13 Mar 2025 16:43:11 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Mar 2024 18:33:52 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20bbf3ad3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 382
server: cloudflare

GET
H2 200 nbetting.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/ 6 KB
6 KB 52ms
52ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/nbetting.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1726680938

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "65e8b710-2b5f"
age: 16418915
cf-cache-status: HIT
expires: Thu, 13 Mar 2025 18:01:11 GMT
cf-polished: origFmt=png, origSize=11103
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/webp
content-disposition: inline; filename="nbetting.webp"
vary: Accept
last-modified: Wed, 06 Mar 2024 18:33:52 GMT
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20bbf3cd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6086
server: cloudflare

GET
H2 200 chevron.svg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/ 347 B
392 B 37ms
36ms Image
image/svg+xml 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/icons/chevron.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/styles/daily/global.css?_dc=1726680938

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"656783b6-15b"
age: 16413829
expires: Fri, 29 Nov 2024 00:01:00 GMT
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/svg+xml
last-modified: Wed, 29 Nov 2023 18:32:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20bcf3fd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 246
server: cloudflare

GET
H2 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
38 KB 129ms
67ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=STIX+Two+Text:ital,wght@0,500;0,600;0,700;1,500;1,600;1,700&family=Frank+Ruhl+Libre:wght@300;400;500;600;700;800;900&family=Merriweather+Sans:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 194993
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 12:39:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 12:39:57 GMT
last-modified: Thu, 27 Apr 2023 00:13:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38268
x-xss-protection: 0
server: sffe

GET
H2 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v21/ 43 KB
43 KB 111ms
50ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 424303
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 14 Sep 2025 20:58:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Sep 2024 20:58:07 GMT
last-modified: Thu, 11 Apr 2024 18:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44372
x-xss-protection: 0
server: sffe

GET
H2 200 bb8ea5b6-9d2c-11ed-a159-3b5b1c2bfd8c.b5ab8364bc0ab09f35d0db1618849544.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/b/b8/ea5/ 7 KB
7 KB 36ms
34ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/b/b8/ea5/bb8ea5b6-9d2c-11ed-a159-3b5b1c2bfd8c.b5ab8364bc0ab09f35d0db1618849544.png?_dc=1703262090

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bc00643c465b3bca45174c692d7097c758e64794add2a1b2f3ffb9bd86d0e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6585b78a-2a84"
age: 820064
cf-cache-status: HIT
expires: Fri, 05 Sep 2025 22:26:51 GMT
cf-polished: origFmt=png, origSize=10884
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/webp
content-disposition: inline; filename="bb8ea5b6-9d2c-11ed-a159-3b5b1c2bfd8c.webp"
vary: Accept
last-modified: Fri, 22 Dec 2023 16:21:30 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20befead3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7138
server: cloudflare

GET
H2 200 d61aad76-fd93-11ee-9b6a-137127afa148.594752c8749ebae87324b2ebee8759a9.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/d/61/aad/ 8 KB
8 KB 39ms
37ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/d/61/aad/d61aad76-fd93-11ee-9b6a-137127afa148.594752c8749ebae87324b2ebee8759a9.png?_dc=1713453200

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b2b80e123286ecb7ec84a0ae7ebf2257132f0b517190269d8c4439b7c89293b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "66213890-2d8c"
age: 106311
cf-cache-status: HIT
expires: Fri, 08 Aug 2025 17:21:51 GMT
cf-polished: origFmt=png, origSize=11660
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/webp
content-disposition: inline; filename="d61aad76-fd93-11ee-9b6a-137127afa148.webp"
vary: Accept
last-modified: Thu, 18 Apr 2024 15:13:20 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20beff5d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7822
server: cloudflare

GET
H2 200 8c459fae-b90a-11ed-a84a-f7445f082061.a51e31e792b37d55cb8619bcf7c59e8e.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/8/c4/59f/ 10 KB
10 KB 40ms
38ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/8/c4/59f/8c459fae-b90a-11ed-a84a-f7445f082061.a51e31e792b37d55cb8619bcf7c59e8e.png?_dc=1687376831

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc392f4dc21a75392f7a60293bcd78b466ba3e9671e04acc1caab86a533bcd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "649353bf-3f53"
age: 1285085
cf-cache-status: HIT
expires: Sat, 09 Aug 2025 07:33:43 GMT
cf-polished: origFmt=png, origSize=16211
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/webp
content-disposition: inline; filename="8c459fae-b90a-11ed-a84a-f7445f082061.webp"
vary: Accept
last-modified: Wed, 21 Jun 2023 19:47:11 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20befffd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10138
server: cloudflare

GET
H2 200 4bf41a72-9d1f-11ed-962a-731f98635eec.6456e853912fda7cde5a60abaa0ee692.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/4/bf/41a/ 7 KB
8 KB 38ms
36ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/avatars/4/bf/41a/4bf41a72-9d1f-11ed-962a-731f98635eec.6456e853912fda7cde5a60abaa0ee692.png?_dc=1683211417

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e62bc02cd5fca4b743c497a1b1b06096f90407e772e6acf00d6e0ec60970ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6453c499-2ece"
age: 30919
cf-cache-status: HIT
expires: Fri, 22 Aug 2025 20:56:03 GMT
cf-polished: origFmt=png, origSize=11982
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/webp
content-disposition: inline; filename="4bf41a72-9d1f-11ed-962a-731f98635eec.webp"
vary: Accept
last-modified: Thu, 04 May 2023 14:43:37 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20be80bd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7582
server: cloudflare

GET
H2 200 2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2
fonts.gstatic.com/s/merriweathersans/v26/ 37 KB
37 KB 50ms
25ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v26/2-c79IRs1JiJN1FRAMjTN5zd9vgsFHXwcjfj9w.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 507902
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 13 Sep 2025 21:44:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 13 Sep 2024 21:44:48 GMT
last-modified: Thu, 27 Apr 2023 00:30:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37848
x-xss-protection: 0
server: sffe

POST
H2 200 / Show response
ots.webtrends-optimize.com/ots/ots/js-5.0/2547823/ 540 B
882 B 143ms
47ms XHR
text/javascript 20.54.140.8
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ots.webtrends-optimize.com/ots/ots/js-5.0/2547823/
Requested by: Host: c.webtrends-optimize.com
URL: https://c.webtrends-optimize.com/acs/common/js/5.4/wt_lib.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.54.140.8 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: d6c8c6b184ece61ce540c664eca5d0d8a2c8665e054d06cd18b362f2f7927c42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.thestar.com/

Response headers

access-control-allow-method: POST,OPTIONS
cache-control: no-cache
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.thestar.com
content-length: 424
p3p: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: Apache-Coyote/1.1
access-control-allow-headers: Content-Type

POST
H2 200 v2 Show response
api.viafoura.co/v2/www.thestar.com/bootstrap/ 8 KB
3 KB 358ms
124ms Fetch
application/json 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/www.thestar.com/bootstrap/v2?session=false
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3af92a23430da4fa00766d5b8f33945856158e053e9a58b3d6d614b0e73a528d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 86400
cache-control: max-age=0
content-encoding: gzip
pragma: no-cache
x-instance-id: i-0d3a972acef512bae
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 18:49:51 GMT
access-control-allow-origin: https://www.thestar.com
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/ 541 KB
215 KB 91ms
26ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ad2666cfdc2495ef3849d47ea1144f4a493efffa9aeeb4448e60488aec66d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
age: 6602
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 19 Sep 2025 16:59:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 16:59:48 GMT
last-modified: Tue, 03 Sep 2024 02:00:38 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219302
x-xss-protection: 0
server: sffe

GET
H2 200 /
www.thestar.com/tncms/csrf/token/ 0
0 137ms
137ms Fetch
text/html 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/tncms/csrf/token/

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/shared-content/art/tncms/api/csrf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-robots-tag: noarchive
content-encoding: gzip
age: 0
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/html; charset=UTF-8
vary: X-IPCountry, Accept-Encoding
x-frame-options: SAMEORIGIN
x-vcache: MISS
strict-transport-security: max-age=31536000
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.81.0; app19; 0.01s; 1.9M
content-security-policy: upgrade-insecure-requests
cache-control: private, no-cache, no-store, max-age=0
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-length: 20
x-xss-protection: 1; mode=block

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/ 479 KB
149 KB 23ms
23ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js?cb=31087260

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

77879f54400e07c9d73fefd1e1e06fd736e7dbeffea7669790620753125671ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
etag: 10756395476737303338
age: 20137
x-content-type-options: nosniff
expires: Fri, 19 Sep 2025 13:14:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 19 Sep 2024 13:14:13 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 152737
x-xss-protection: 0
server: cafe

GET
H2 200 config Show response
thestar.cloud.optable.co/prod-thestar-com/ 389 B
608 B 178ms
114ms Fetch
application/json 34.149.155.241
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thestar.cloud.optable.co/prod-thestar-com/config?cookies=no&passport=&osdk=web-v0.19.1
Requested by: Host: thestar.solutions.cdn.optable.co
URL: https://thestar.solutions.cdn.optable.co/public-assets/thestar-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.155.241 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 241.155.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9a75af162a0dd2f4fd8d79eb47940d2b997804e86b27e8d4026544d752b5ebe5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://www.thestar.com/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 389
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/json; charset=utf-8
vary: Origin

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
73 KB 40ms
39ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f75c3c6c5a24bd769dc4bdfa2e0549681f48caa046875bc48a54831b741b8452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:28:05 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 74233
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
81 KB 54ms
53ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9c02ac5ede2a9b253a5fdff07b4a57e556c1ad42d0bd47e4715707e5adc1b914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:49:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 83406
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 px.gif
ad-delivery.net/ 43 B
921 B 91ms
40ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1970749
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EvzChy8RMZApDo8X9wUocHxB923Xdgh1eh%2F1tmtjaGMMr%2BxDm79gWUVU7qpU0LirvcYzlKWaPMo9YOyQzfYMGrY3s9iqlAal5tDmd6%2BHZ4PTLZK8ueur9EVolK%2Feqg4qLDigdqqdKbUvNZH95A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 28 Aug 2024 00:20:20 GMT
x-goog-stored-content-length: 43
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8c5bc20cfd7518c7-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 61ms
23ms Image
image/x-icon 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
age: 43189
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 06:50:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 06:50:01 GMT
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
vary: Accept-Encoding
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 104
x-xss-protection: 0
server: sffe

GET
H2 200 px.gif
ad-delivery.net/ 43 B
340 B 92ms
44ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.05196979761394349
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-goog-metageneration: 5
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status: HIT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 1970749
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ko2xZh3HCFrZSPC2wlXnfNnbNSCBEpVNpgxQfxYB7KA3gf8XZ%2B9aA4nHUO4FErYUq8aUlorEnvDM2PtZdvMZq2eFwqj8cyXeJQgHcrvO9j%2B62JjK2nTDBmpiMyIpe5%2BQGPhrk4xyEbIrGEbLPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Wed, 28 Aug 2024 00:20:20 GMT
x-goog-stored-content-length: 43
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: image/gif
last-modified: Wed, 05 May 2021 19:25:32 GMT
vary: Accept-Encoding
x-guploader-uploadid: ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: MULTI_REGIONAL
cf-ray: 8c5bc20cfd7918c7-FRA
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1620242732037093
content-length: 43
server: cloudflare

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@4.2.3/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

7 KB
3 KB

42ms
42ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@4.2.3/dist/web-vitals.iife.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1c28-4f+2/GWZhXlozjo2GiBA+7VB9Ow"
age: 3768511
x-content-type-options: nosniff
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J4NFZ6JYVTZAXMYSV9XK52BB-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8c5bc20df9e4d28e-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /web-vitals@4.2.3/dist/web-vitals.iife.js
content-encoding: br
cf-cache-status: HIT
age: 500
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8c5bc20d5f71d28e-FRA
access-control-allow-origin: *
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01J85SDQ03T0KWV08MBVF5K2YE-fra
server: cloudflare

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
103 KB 43ms
43ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c3787cf743f70b81f790ab6dca42ff6fecd145c5935e184ac7dbe883481c6d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 18:49:50 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105275
date: Thu, 19 Sep 2024 18:49:50 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
102 KB 46ms
46ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WRSZQF8&gtm_auth=74eL4wQLYRNQ18AwQITlNA&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c72b6d7c9272f5d79b0bc2a13aee33dfc705eff7d324794975da00ef185df9a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 18:49:50 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104643
date: Thu, 19 Sep 2024 18:49:50 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 58580620 Show response
fundingchoicesmessages.google.com/i/ 208 KB
69 KB 119ms
56ms Script
application/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/58580620?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202409160104/pubads_impl.js?cb=31087260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51bcf67564625b93b6f3bcfa0fbb4bea12ffee46cd95220fc54f641d98787413

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7x4LWC8OEF6y5LxaWRpGyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1pBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B-IlERdZDyVeZDVUuMTqCMJFl1g9gVi15xKrKRDfX3eJ9TkQ7_14ifUoEBdJXGFtAmJfryusoUAsxM1x_snG7WwCDXOeKyhpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGFgaWugZmMQXGAAAPwtHQw"
content-security-policy: script-src 'report-sample' 'nonce-7x4LWC8OEF6y5LxaWRpGyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 18 KB
5 KB 24ms
23ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
age: 796
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 19:26:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:36:34 GMT
last-modified: Wed, 03 Jan 2024 21:19:17 GMT
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=3000
cross-origin-opener-policy: same-origin; report-to="news-frontend"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges: bytes
content-length: 5195
x-xss-protection: 0
server: sffe

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 21ms
21ms Other
image/svg+xml 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
age: 1908
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 19:08:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:18:02 GMT
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=3000
cross-origin-opener-policy: same-origin; report-to="news-frontend"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
accept-ranges: bytes
content-length: 1049
x-xss-protection: 0
server: sffe

GET
H2 200 serviceiframe
news.google.com/swg/ui/v1/ Frame 4378 0
0 126ms
82ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=1726771790973&publicationId=thestar.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-6_gPSVVBDQNsLnt1g55pxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-6_gPSVVBDQNsLnt1g55pxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://billing-ads-qa-devel.corp.google.com https://payments.google.com https://payments.sandbox.google.com https://sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Thu, 19 Sep 2024 18:49:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/swg/_/SubscribewithgoogleClientUi/web-reports?context=eJzjqtHikmLw1JBicDa_xRT35xZT1OlHTE0rnzK1APG3Q8-YfgCxxNeXTGpA7JQ-gzUAiFtvnmOdDMRJ_86zFgDxkoiLrAcSL7KyPr3Iyg7EDr8vsjoBsaHCJVZ7IF6qeIl1ORCr9lxiNQbiIokrrA1ALMTNcf7Jxu1sAjsmXddUMkrKL4wvLk0qTi7KTEotzyzJSM_PT89JTc7JTM0rKU4tKkstijcyMDIxsDS00DMwjy8wAADxZ08J"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 5028 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
807 B 82ms
24ms Script
application/javascript 18.245.31.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/5028
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-123.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 89e5b70754765ab6a5907e76072f3d4b9fee358fb3720c99d5414a6b8d56ca54

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: max-age=3600
age: 52
via: 1.1 9eb1733bea847c3a8f4910adebcc8146.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 531
x-amz-cf-id: a9xYegNu4SSXriVXNP9v4wMGh9Ii8Ce-QbPkEoOejhphy5O1be7IxQ==
date: Thu, 19 Sep 2024 18:48:59 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-P8
server: CloudFront

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
377 B 361ms
295ms XHR
text/javascript 13.32.119.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&pid=SkpGhoTdzZVWP&cb=0&ws=1600x1200&v=24.827.1552&t=2000&slots=%5B%7B%22sd%22%3A%22ad-2827002%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-3426075%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-3489852%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-2827005%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F58580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.119.202 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-119-202.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.thestar.com
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: VYd4JWMoJSZR6GaJSugQd7PAzMZc5zBUSCGJbF4eI7eEuA2Sr6lryA==
date: Thu, 19 Sep 2024 18:49:50 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: FRA60-P1
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 67ms
22ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62250
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 6B7NmjilKr5YQWo1mRtoIFuhM4RO8xSWV8KIaCqR84Xm7hFY_eP8yw==
date: Thu, 19 Sep 2024 01:34:58 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 185ms
135ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5071905434894336
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json
vary: Origin

GET
H2 200 id Show response
dpm.demdex.net/ 387 B
929 B 163ms
57ms XHR
application/json 54.228.160.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1726771791040

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.228.160.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-160-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

541de102c9a9c7339365824372a175bf6c88fb8a2a77b092664cd14c131935a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v065-0f3bcf1c5.edge-irl1.demdex.com 4 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: /bX4m6hISP8=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.thestar.com
content-length: 324
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json;charset=utf-8
vary: Origin

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/ 35 KB
13 KB 34ms
33ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"964f8cb588092ac645368e7307eb73ac"
age: 1461
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: QCSx-mXXuH1711F4_kRBlp_a_sfiK3Ni7PXF7TPYJn_QqgFntniLxw==
date: Thu, 19 Sep 2024 18:25:31 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/ 3 KB
2 KB 33ms
33ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/hostedLibFiles/EPc7341b33570d4c988798fc9f0093d4b2/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"9cf185793291692f744c78c75da01dd8"
age: 1461
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: Lm_pcMzJDscNHM10uivNJ-z36YMuCunzT16Y7MY8cJICrjKj4nbDiQ==
date: Thu, 19 Sep 2024 18:25:31 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 7E88 0
0 90ms
45ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=de&v=EGbODne6buzpTnWrrBprcfAY&size=invisible&cb=jqilu9k3cz9z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J9U03Eto583DytI1gjmQ9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-J9U03Eto583DytI1gjmQ9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 18:49:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 136ms
136ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=klvKiXG8&w=5166328627855360&o=5071905434894336&cv=2.1.55-1-g5201404&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&sid=5LxAorHWH&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5071905434894336&upapi=true&async=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

via: 1.1 google
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
vary: Origin

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 293 KB
99 KB 43ms
42ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

92f3f9116024c08e49037585b1e9f4e41acff62ec1fbe0936afda9f5f7c4465f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Thu, 19 Sep 2024 18:49:51 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101546
date: Thu, 19 Sep 2024 18:49:51 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 103 KB
28 KB 93ms
32ms Script
text/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e3718c850c94db1e3daa959e53737254c607f52f2d672182df6ac3a91386885

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: 0zSZGXmaFl7u_EsnpPI2uvmKxv4SmEYW
etag: W/"4b35d51638965e83bf833be4d011abea"
age: 105
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: -WAj7sJWcqmjjiTN0YgvILG4Fc6zuAvl8xuJZPBKnPmY2xAUPBqdJA==
date: Thu, 19 Sep 2024 18:48:11 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 30 Jul 2024 19:42:29 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 RC95783d5d1ea1445dbf2aeecc8ffa211e-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 440 B
820 B 35ms
35ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC95783d5d1ea1445dbf2aeecc8ffa211e-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33b24d14ebd37a67fb1944d0d519ffdcda71d5bbabf859a963f790b56eeeb823

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "f6066694e7885a98ba59db540e412c20"
age: 1461
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 440
x-amz-cf-id: WCeBCQOxGhExJAykpNe5l09OnCiYAuX8OHNxqm-1pgM7MexFKneXhA==
date: Thu, 19 Sep 2024 18:25:31 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 targeting Show response
thestar.cloud.optable.co/prod-thestar-com/v2/ 442 B
533 B 113ms
113ms Fetch
application/json 34.149.155.241
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://thestar.cloud.optable.co/prod-thestar-com/v2/targeting?cookies=no&passport=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6InY6M20wOGEzNUJQYXlRQzUxQzFXVlM5RiIsIm5ldyI6dHJ1ZSwiZXhwIjoxNzU4MzA3NzkwfQ.OajWncJJzAwyIUMPvKowEozR1gpKp5i6gNztSW3IzZEo26tYH_70Ygv5Sl65cYllbMlFQmP2uaBeuNWLmz3Qqg&osdk=web-v0.19.1
Requested by: Host: thestar.solutions.cdn.optable.co
URL: https://thestar.solutions.cdn.optable.co/public-assets/thestar-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.155.241 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 241.155.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e694226cb8066165b2b08e7a50c64971a1eab63f1f6a27e83b07f976251f6934

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://www.thestar.com/

Response headers

access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 442
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json; charset=utf-8
vary: Origin

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 95ms
36ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=45je49h0v887944298z89101115636za200zb9101115636&_p=1726771790647&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686684&cid=1807008037.1726771791&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726771791&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Site_Type=core%20site&ep.Logged_In_Status=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=2005
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 94ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=1807008037.1726771791&gtm=45je49h0v887944298z89101115636za200zb9101115636&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686684
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 214ms
179ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=1807008037.1726771791&gtm=45je49h0v887944298z89101115636za200zb9101115636&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101686684&tag_exp=101686684&z=1216342136

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Sep 2024 18:49:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 70ms
34ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=45je49h0v873043922z89101115636za200zb9101115636&_p=1726771790647&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1807008037.1726771791&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726771791&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&en=page_view&_fv=1&_ss=1&ep.Site_Type=core%20site&ep.Logged_In_Status=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&up.Torstar_User_ID=&up.Entitlement_Status=&tfd=2028
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 72ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=1807008037.1726771791&gtm=45je49h0v873043922z89101115636za200zb9101115636&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 190ms
177ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=1807008037.1726771791&gtm=45je49h0v873043922z89101115636za200zb9101115636&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1169812354

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Sep 2024 18:49:51 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 66ec4e76e6062.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/a/8d/a8d373a4-1a74-5143-b1b4-ae8f795a41f6/ 23 KB
23 KB 41ms
41ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/a/8d/a8d373a4-1a74-5143-b1b4-ae8f795a41f6/66ec4e76e6062.image.jpg?crop=1763%2C1175%2C0%2C0&resize=400%2C267&order=crop%2Cresize

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1deabf033147433afcdf4b0d64c6e49d564ba704b564c6c242f31395edb450bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "2337188335451d5025cfdd19b148c2ad"
age: 5415
cf-cache-status: HIT
expires: Fri, 19 Sep 2025 16:54:35 GMT
cf-polished: origSize=25099, status=webp_bigger
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 16:16:56 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20f1c4ad3b9-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 66ec3b355a8b0.image.jpg
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/d/ef/defaa9df-3a45-56ee-bac9-4f63ad3b365d/ 5 KB
5 KB 37ms
37ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/assets/v3/editorial/d/ef/defaa9df-3a45-56ee-bac9-4f63ad3b365d/66ec3b355a8b0.image.jpg?crop=1643%2C1095%2C0%2C82&resize=150%2C100&order=crop%2Cresize

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d462651e9f87a8eb241f85f611bff6666e4364de38b2ccb6ced15fe5fe2a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "146ece345c16ab4c83dbf9340e93e584"
age: 6367
cf-cache-status: HIT
expires: Fri, 19 Sep 2025 16:13:47 GMT
cf-polished: degrade=85, origSize=4916, status=webp_bigger
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 14:54:48 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc20f1c4fd3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4801
server: cloudflare

GET
H2 200 AGSKWxWh-LEuJAUPeiJNz_QJjy74CFJk99gySkVInjV_pbX8ooFAFSLgwtvpj2uor-neD_UEs2ane-SaFeldHtx7Sg1pU_7VRMPYnYGuWkkH-XQJK8T41JOXbIiJQ2cUOhEx1jyIXNuDlQ== Show response
fundingchoicesmessages.google.com/f/ 427 KB
63 KB 152ms
151ms Script
application/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWh-LEuJAUPeiJNz_QJjy74CFJk99gySkVInjV_pbX8ooFAFSLgwtvpj2uor-neD_UEs2ane-SaFeldHtx7Sg1pU_7VRMPYnYGuWkkH-XQJK8T41JOXbIiJQ2cUOhEx1jyIXNuDlQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI2NzcxNzkxLDIzNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cudGhlc3Rhci5jb20vLy8iLG51bGwsW1s4LCJQdmIyeEVEMVAwUSJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbOTUzNDAyNTFdLG51bGwsMV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Pvb2xED1P0Q.es5.O/am=KBg/d=1/rs=AJlcJMy1ot8J5lZ0THVgdHrTnrDZ_4uUOA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a03c1dc4e7bbc413858069b6b4fdb39b30c3ab732234ce8b712022c56c074f7d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vUDPt78ddL5X0rS_3SuA3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamDU4pJi8NOQYjh56zbTRSA-73SH6ToQS3x9yaQBxE7pM1iDgLj15jnWqUCc9O88axEQu2tdZPUH4iURF1kPJV5kNVS4xOoIwkWXWD2BWLXnEqspEN9fd4n1ORDv_XiJ9SgQF0lcYW0CYl-vK6yhQCzEw3H-ycbtbAITmratZlTSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMbA0tNAzMIkvMAAA-vlMoQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-vUDPt78ddL5X0rS_3SuA3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 ingest
i.viafoura.co/v3/www.thestar.com/ 67 B
200 B 350ms
115ms Image
image/png 52.55.86.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/www.thestar.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1726771791%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%22decfc7e6-491f-406f-9b47-cb075f275344%22%2C%22firstVisit%22%3A1726771791%2C%22previousVisit%22%3A1726771791%2C%22currentVisit%22%3A1726771791%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1726771791%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22www.thestar.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22section%22%3A%2200000000-0000-4000-8000-032a225cd465%22%2C%22pageImage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fthestar.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2Ff84403b8-7d76-11ee-9d02-a72a4951957f.png%3Fresize%3D600%252C600%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%22%2C%22path%22%3A%22%2F%22%2C%22title%22%3A%22Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22thestar.com%20is%20Canada%E2%80%99s%20largest%20online%20news%20site.%20Live%20news%2C%20investigations%2C%20politics%2C%20sports%20and%20the%20heartbeat%20of%20Toronto%2C%20Canada%27s%20largest%20city.%22%2C%22topics%22%3A%5B%22toronto%20star%22%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22de-DE%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%221722a9f2-aee2-4068-99db-e5268237aee2%22%2C%22w%22%3A%5B%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.86.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-86-201.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 67
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/png

GET
H2 200 dest5.html
torontostarnewspaperslimited.demdex.net/ Frame 6746 0
0 155ms
49ms Document
text/html 34.243.156.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.243.156.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-156-227.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 19 Sep 2024 18:49:51 GMT
dcs: dcs-prod-irl1-2-v065-0d963267a.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 2 Sep 2024 11:00:17 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: RxKCJmD8SWY=

GET
H2 200 id Show response
s.thestar.com/ 48 B
459 B 126ms
37ms XHR
application/x-javascript 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=15332170548456394790143776888713576732&ts=1726771791251

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

80050c5d0cb800040fad266278961ca20bab0154aca10c4d17a4e0889cb1e9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.thestar.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Thu, 19 Sep 2024 18:49:51 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=ZuxyTwAAAE0ZIQNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=15340580087920233570140677262745688854
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZuxyTwAAAE0ZIQNn

42 B
717 B

53ms
52ms

Image
image/gif

54.228.160.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZuxyTwAAAE0ZIQNn

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Server

54.228.160.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-160-99.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v065-06a34db27.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: mORYSJZsSkg=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZuxyTwAAAE0ZIQNn
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Thu, 19 Sep 2024 18:49:51 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H2 200 RC63c5c55211614c09846fe018e715ee1c-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 1 KB
1 KB 38ms
37ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC63c5c55211614c09846fe018e715ee1c-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2771a0d3273c61715140f7259d31a0e73d7f7ee1702b67ec7a68445b42f1537b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"6395db70789594bd7b1d1c297f922af2"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: JNIEb_vbbYn5D8iyAHzoUeXdfBE9nk8EdffCFouW1eA_Q3gyT_bdww==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC398ded7f8b2845c1bfb3f0b75c7ab156-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 1 KB
1002 B 39ms
37ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC398ded7f8b2845c1bfb3f0b75c7ab156-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d25c7119762687649bbe8a8c832524947f0d93298bb173ef3f0add82f450fbd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"234d2a0e137af9b03b4ad14eca5e7d67"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: tL84LE7Xru8PqmGKgnFafO7aJEeL651ec0KQ0iKu-Qps-mHPsqkKmw==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC9ea026c2df5f44d68cddf15f76c2dc29-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 1 KB
950 B 39ms
37ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC9ea026c2df5f44d68cddf15f76c2dc29-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 517a52322b65057d65fad8389365a8993a991c4b70986eeb89790fa94edbb64a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"930794d2aaa70b5a82441b3950dfb951"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 5r2TEVOu_qVtBgRvV8_EVoZS-_ePabRHQyR993qUC5BBmJnk7tWmDg==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC426c5018c2544bdc8430261e558b5295-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 1002 B
969 B 40ms
38ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC426c5018c2544bdc8430261e558b5295-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dadfc275da68cf3890e3fea42db5f334848e9cb95014b655434fca385ebd2e5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"ba5e6440ee65079852bc4221d4b94066"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: D3_QYUcZ6mzsWRJq2fjQT56z7HUfE4vfN5CvTKnbJ8i_BBuqFOunyg==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC5a39a22c862847f38e172ad93f6024cf-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 962 B
1 KB 41ms
39ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC5a39a22c862847f38e172ad93f6024cf-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49460c5bb5f8b3b1f6deaeab185b8cbd840f024ff0f4539794f9e55d29a275ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "ba26ca2ff63f3c93030e42ad885983bf"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 962
x-amz-cf-id: V7Zk7kP_-R3ZYwMhy9PBrGHIEcL9RqQCzAQFuoEAyotAm4OakK6usQ==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RCa3f586d2734746b6b7358849e3b16cf1-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 1 KB
917 B 43ms
41ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RCa3f586d2734746b6b7358849e3b16cf1-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e3171015a43e7378b04219b7cf6e9faccc6c750f18b74bab9d831ac2df0ca59

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"6418fe5a11073fc882e85a0de2584f69"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: _0YvLE0ti3Z8OOkXoXN8cNSc_F3gWe42cNvRfE3ID2mdeUb85F88VQ==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC055d01a0647247e58ba6da2d93261f84-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 965 B
1 KB 42ms
40ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC055d01a0647247e58ba6da2d93261f84-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc7b3a764cfbb99156b58e65fb1cbf93233c953854e8195c758029ef5a86539f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "43169ee5b06d1439c9e391020efd63a4"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 965
x-amz-cf-id: V713BmLB3xzKJcHnB1B2jzJPc03Fh8uRqa3nn7eWChfh8H1XEpiq_w==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC9b3c40b8ae1f4b43a2cd0813deba1ef2-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 953 B
1 KB 47ms
45ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC9b3c40b8ae1f4b43a2cd0813deba1ef2-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22d267ce684b1fe80086ec1e1eb85b9c6a415b539a28d238c46988b380063f72

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "2508144024b52381a09994740d17f847"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 953
x-amz-cf-id: oOedWJWdTVcRdmWTZYI2BxrZ2wwfUGbOTPeco1EKi_HtqEidilp34w==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC9aa093af65884bc6ac2250f5e9db9dfe-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 431 B
811 B 48ms
46ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC9aa093af65884bc6ac2250f5e9db9dfe-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d26735eddb23844cc7031c230a1d352718423f191c26a3ed0aa2c1364e8253c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "407111769f7b64b9e4f73208fbc40fd1"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 431
x-amz-cf-id: erN-yE8wjsQgb4EU7y_HM70wiUtcINR-zUynTN_UQ3OpoW1zyCmsJQ==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 10 KB
2 KB 61ms
20ms Fetch
application/json 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 713ce628535c66ef3e3439611569fed5dbda355deca4884062f1109542c86fff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: Ywu_LJJbtO2GMm2l0tbgOcwiBaPgllWG
etag: W/"9d9b54da8961b1f0e311daa4c7c6289c"
age: 9839
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: HxMWUUlGgfwSTFL54ktK_ExSa_WV87_qAhc-fgCi6obOdEhaMLu4sg==
date: Thu, 19 Sep 2024 16:05:53 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 25 Jul 2024 16:07:23 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 f741e5a55bc5bd136ac1f5406bb11d88.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 46ms
23ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4412, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5GNfUJpgq1LWV6Uo0L6Lp8xEAzlG74wLL39qkZTWbNo9ar+P9ls2/K7dJR/vFRwuoaZUMeNyOkUsNw4thocMJg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 58953
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
93 KB 41ms
41ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c464247f9a68599bb425e7344e126b4a6562c87e6b824f4ad64cdf744b451f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:49:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 95142
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
93 KB 47ms
47ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f5c3f7d191cf53de953cbca211fc57b206acc15b58142ac12cb9bcfcba748a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:49:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:28:05 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 95137
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 36ms
36ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14475035

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6e372b3cb930d718a9724e03a87269d83b451251f29f49a559f61c2f8297678e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:49:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:28:05 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 79064
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
77 KB 45ms
45ms Script
application/javascript 142.250.185.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14475035&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7bc03dd1a4a386d9d9c7e44a6c9e96d84ea72e8d9d848baf3ba0f657770d85b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: br
expires: Thu, 19 Sep 2024 18:49:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Sep 2024 18:28:05 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 79079
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 336ms
23ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
accept-ranges: bytes
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15412
date: Thu, 19 Sep 2024 18:49:51 GMT
x-tw-cdn: FT
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220021-FRA
x-amz-server-side-encryption: AES256

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 88ms
24ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
etag: "71b328aff914ada8b774bfa8fff542c4"
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12116
date: Thu, 19 Sep 2024 18:49:51 GMT
last-modified: Thu, 20 Jun 2024 19:23:03 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
server: snooserv
x-amz-server-side-encryption: AES256

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 133ms
37ms Script
application/javascript 2a02:26f0:3500:10::210:a9b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: max-age=43398
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Thu, 19 Sep 2024 18:49:51 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 129ms
45ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "016326a20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A653584BEED4D9C9BB036DDC3889235 Ref B: FRA31EDGE0814 Ref C: 2024-09-19T18:49:51Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14305
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript
last-modified: Fri, 06 Sep 2024 21:17:16 GMT
vary: Accept-Encoding

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 79ms
28ms Script
application/javascript 2a04:4e42::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=7200
content-encoding: br
etag: "b37f6fea55e9029c9c9d413c47f69cb7"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 1878
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 RC3b1c54f6da2945b5b4928190efbd9c68-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 329 B
709 B 38ms
35ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC3b1c54f6da2945b5b4928190efbd9c68-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89b791a1b0bb12330cfb4f37df8d2cfaa8c791ca314ee7883bff7fed88851ae9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "85a290c7cc51710a0d417d0aaabfcc09"
age: 1457
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 329
x-amz-cf-id: JdzWO04aFxr5QsBmy1dLsFomwAfuigyjhxNWsT7PEEZyX4TpByCHBQ==
date: Thu, 19 Sep 2024 18:25:35 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 tsub-middleware.bundle.c0f5511a001f780f591f.js Show response
cdn.segment.com/analytics-next/bundles/ 18 KB
6 KB 29ms
27ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id: ot1syIPz_4SEEXctAcFzoJMAfu_hQEig
age: 4843532
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 1S-h0sXayJEmrTSwJ0xS6Yxll-zc0BeAuxZBTfk1V29-1uf0336WyA==
date: Thu, 25 Jul 2024 17:24:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Jul 2024 22:02:58 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 RCb10d7e91614b4d1d96901f4a330a5194-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 4 KB
1 KB 41ms
40ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RCb10d7e91614b4d1d96901f4a330a5194-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00784cf75c31cac8dd1aa368b02f337747843e0d427fd79f2b01446706e34d6c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"9cc8a6cbcb1c48f229b37437dc805983"
age: 1456
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 4u8qqR2i4fGjVhDmT9VGiNR5aRLHVCBz_FZtCtjhKW_4lCFNp0YjKg==
date: Thu, 19 Sep 2024 18:25:36 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 22ms
22ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: a92RueFpwWNG4YB0W.6QPKGdauE3iLaV
age: 1219600
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 1_zvB1urou3UK4-m0ELFLB3Yy-RoX8RvEx29HRvhvdrdlmS1me3Cag==
date: Thu, 05 Sep 2024 16:03:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 03 Sep 2024 19:49:17 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 306 KB
94 KB 280ms
280ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.167&r=stable&domain=www.thestar.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

6d0418142532113eda1c31d85a5785ad886b41a16d2439c722a6e9eb15601efe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=74, mss=1232, tbw=67114, tp=63, tpl=0, uplat=260, ullat=0
pragma: public
x-fb-debug: KH1I6E61kP37hovGdFnu5rYCnVclqxB0SLfcNzOUagFFKmbsK0v589Uyy6TXegK5Wpp8FVxcIJybb0CkiLfCLQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 main.97c41ef3.js Show response
s.pinimg.com/ct/lib/ 82 KB
23 KB 22ms
21ms Script
application/javascript 2a04:4e42::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 86400
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
content-encoding: br
etag: "e1539e83e14f862d3b381b23e74d63fa"
x-cdn: fastly
access-control-allow-methods: GET
alt-svc: h3=":443";ma=600
access-control-allow-origin: *
content-length: 23701
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 38ms
36ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Pvb2xED1P0Q.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx2PP08tqixNtthVWyxbdEQCF2TTQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 19 Sep 2024 18:49:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 19 Sep 2024 18:49:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_kcsr8bo/ 3 B
87 B 23ms
21ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_kcsr8bo/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json

GET
H2 200 t2_kcsr8bo_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 73ms
30ms XHR
application/json 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_kcsr8bo_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: max-age=300
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json
vary: Accept-Encoding,Origin
server: snooserv

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 76ms
23ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1726771791481&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=e72e18c0-446f-4682-b62c-aeddf14f0cb1&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after: 0
cross-origin-resource-policy: cross-origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
content-length: 42
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/gif
server: Varnish

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 21ms
21ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: vP0unh.TjiFaIe3QG8FvwWCBqNSPg0tw
age: 1219593
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: A61JXos6XLwjoAdhW9Q_6lDDkx2cuaD-qe_XpLlGmzrHqM_2TQrG4w==
date: Thu, 05 Sep 2024 16:03:19 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 03 Sep 2024 19:49:17 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 3de687dde9ccf524586562826ee53358.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://www.thestar.com/

Response headers

age: 420511
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 14 Sep 2025 22:01:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Sep 2024 22:01:20 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 28ms
27ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.thestar.com
Referer: https://www.thestar.com/

Response headers

age: 195960
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Sep 2025 12:23:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Sep 2024 12:23:51 GMT
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128352
x-xss-protection: 0
server: sffe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 30ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je49h0v887101457z8861227858za200zb861227858&_p=1726771790647&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=0&cid=1807008037.1726771791&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&dl=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&sid=1726771791&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.thestar.com%2F&ep.content_group=%2F%2F&epn.townnews_crm_group_id=848&ep.generator=BLOX&ep.generator_version=1.81.0&tfd=2422
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 28ms
28ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1807008037.1726771791&gtm=45je49h0v887101457z8861227858za200zb861227858&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/plain
server: Golfe2

GET
H2

200

activityi;dc_pre=CN-hgprWz4gDFavZEQgdhxEdvA;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
14475035.fls.doubleclick.net/ Frame EE87
Redirect Chain

https://14475035.fls.doubleclick.net/activityi;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
https://14475035.fls.doubleclick.net/activityi;dc_pre=CN-hgprWz4gDFavZEQgdhxEdvA;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=...

0
0

46ms
45ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14475035.fls.doubleclick.net/activityi;dc_pre=CN-hgprWz4gDFavZEQgdhxEdvA;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49h0v9190903233za200zb72758733;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tcfd=10001;tag_exp=101533421;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-14475035

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 708
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 18:49:51 GMT
expires: Thu, 19 Sep 2024 18:49:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 18:49:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14475035.fls.doubleclick.net/activityi;dc_pre=CN-hgprWz4gDFavZEQgdhxEdvA;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49h0v9190903233za200zb72758733;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tcfd=10001;tag_exp=101533421;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxXNzsLOIb8GfQvr4QjI_86j5La0kW5n1cEL7O3s6YD3UWfy3dbzMkWRjKh8p7HZctCvWITJOBmxPOCl9SYKDSUoFWkQCcjRtesX65V7co0Pqg_6u4TJIhP3C3_rQ9N6N4XEXmzGwg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 73ms
30ms XHR
text/html 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXNzsLOIb8GfQvr4QjI_86j5La0kW5n1cEL7O3s6YD3UWfy3dbzMkWRjKh8p7HZctCvWITJOBmxPOCl9SYKDSUoFWkQCcjRtesX65V7co0Pqg_6u4TJIhP3C3_rQ9N6N4XEXmzGwg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w6TRlBWdwz7r4ZVkrrc4zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFeDjOP9m4nU3gwvWNW5mUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBpaGFnoFZfIEBAH6eLp0"
content-security-policy: script-src 'report-sample' 'nonce-w6TRlBWdwz7r4ZVkrrc4zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.thestar.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXNzsLOIb8GfQvr4QjI_86j5La0kW5n1cEL7O3s6YD3UWfy3dbzMkWRjKh8p7HZctCvWITJOBmxPOCl9SYKDSUoFWkQCcjRtesX65V7co0Pqg_6u4TJIhP3C3_rQ9N6N4XEXmzGwg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gt33QrX12u90PfmKPzFnFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.thestar.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWfd-vMR6FIiFeDjOP9m4nU3gxPzerUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTA0tBCz8AsvsAAAGLCLjs"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gt33QrX12u90PfmKPzFnFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.thestar.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 497ms
496ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=1807008037.1726771791&gtm=45je49h0v887101457z8861227858za200zb861227858&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1503910934

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 19 Sep 2024 18:49:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 activity;register_conversion=1;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
ad.doubleclick.net/ 0
23 B 57ms
56ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14475035;type=invme0;cat=rp-to0;ord=195140325972;npa=1;auiddc=1891677260.1726771791;ps=1;pcor=26141618;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe49h0v9190903233za200zb72758733;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tcfd=10001;tag_exp=101533421;epver=2;~oref=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"8199392763308521290"}],"aggregatable_trigger_data":[{"filters":[{"14":["100557576"]}],"key_piece":"0x3edd383eb69292d9","source_keys":["12","13","14","15","16","17","18","19","20","21","18246936","18246937","18246938","18246939","19864628","19864629","19864630","19864631","22948992","22948993","22948994","22948995","640942780","640942781","640942782","640942783"]},{"key_piece":"0x712419ac2acef233","not_filters":{"14":["100557576"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","18246936","18246937","18246938","18246939","19864628","19864629","19864630","19864631","22948992","22948993","22948994","22948995","640942780","640942781","640942782","640942783"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"18246936":327,"18246937":327,"18246938":327,"18246939":31784,"19":65,"19864628":93,"19864629":93,"19864630":93,"19864631":9081,"20":65,"21":6356,"22948992":32,"22948993":32,"22948994":32,"22948995":3177,"640942780":218,"640942781":218,"640942782":218,"640942783":21189},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"5404016531168511604","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"8199392763308521290","filters":[{"14":["100557576"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"8199392763308521290","filters":[{"14":["100557576"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"8199392763308521290","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"8199392763308521290","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14475035"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 85ms
23ms Script
application/javascript 3.161.75.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.75.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-75-65.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

ETag: "5eb31be4-3a2"
Age: 55673
Expires: Fri, 20 Sep 2024 03:21:58 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: XQwIjwhrU3O9AXmb-V-A7klEFBBzK_wOAWjkCgdnGtdYHKYSYlHczA==
Date: Thu, 19 Sep 2024 03:21:58 GMT
Content-Type: application/javascript
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Cache-Control: max-age=86400, public
Pragma: public
Connection: keep-alive
Via: 1.1 950827d16996e598fc854bddb58b3ff0.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 930
X-Amz-Cf-Pop: FRA56-P10
Server: nginx

GET
H2 200 RC94dfc90f975c45c2ac1491b9b20fa7b7-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 756 B
1 KB 33ms
33ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC94dfc90f975c45c2ac1491b9b20fa7b7-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e36caf6f59707c991b15f27e19c887cb5ed767e4e2d58692560c91442434eb69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "13effa559e1192ce5a4c561d2da5e5b3"
age: 1455
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 756
x-amz-cf-id: qQWUOZ4LyzCeLAVLUJuVrMTrb2kWBGJV7NoV9eOZQTrx345u9e084A==
date: Thu, 19 Sep 2024 18:25:37 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 2117 0
0 34ms
34ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=EGbODne6buzpTnWrrBprcfAY&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WkqX1TKoujqk9ItiSrEl2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WkqX1TKoujqk9ItiSrEl2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Sep 2024 18:49:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 13008914.js Show response
bat.bing.com/p/action/ 370 B
421 B 46ms
46ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65086FC56C9E42119F56662CFAEFEB09 Ref B: FRA31EDGE0814 Ref C: 2024-09-19T18:49:51Z
x-cache: CONFIG_NOCACHE
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
815 B 223ms
166ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=3116868&time=1726771791656&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://www.thestar.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 0006227d6341fd2b5b1f60bb4fd2e4bf
x-msedge-ref: Ref A: 8DB9966207EB4B1B998F1C429BBCE579 Ref B: FRAEDGE1505 Ref C: 2024-09-19T18:49:51Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYifWNB/StbH2C7T9Lkvw==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1726771791656&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1726771791656&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&e_ipv6=AQI4f0UC6qUiXgAAAZILnofL5UhC...

0
267 B

246ms
186ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1726771791656&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&e_ipv6=AQI4f0UC6qUiXgAAAZILnofL5UhCDIXkEuKCIJ_uwGmMr-FhQxITlkf15PerY83Za_z8t4fktsHyNw
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 33D673C228BD41C39B9633DF0A855E0E Ref B: DUS30EDGE0916 Ref C: 2024-09-19T18:49:51Z
x-li-fabric: prod-lor1
x-li-uuid: AAYifWNGFrX6dMVZbkxwjA==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1726771791656&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&e_ipv6=AQI4f0UC6qUiXgAAAZILnofL5UhCDIXkEuKCIJ_uwGmMr-FhQxITlkf15PerY83Za_z8t4fktsHyNw
x-msedge-ref: Ref A: FC9CA586F5434D2ABDEE31F93FFBCC54 Ref B: DUS30EDGE0312 Ref C: 2024-09-19T18:49:51Z
x-li-fabric: prod-lor1
x-li-uuid: AAYifWNCVJT4+KIN5DqUBQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
766 B 143ms
77ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612846434758&cb=1726771791659&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

access-control-expose-headers: Epik,Pin-Unauth
content-encoding: gzip
x-pinterest-rid-128bit: 8e61287d118f2a74605103c15f953c8e
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=600
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pin-unauth: dWlkPU0yWTRaRGRpTmpndE9EQXdNQzAwTTJFMUxUbGxPVGt0TkRFM016WmpPRFEwTkRjMA
pinterest-version: c530a5e6436b5194f7311a4a0e2aa55c05d7217e
access-control-allow-origin: https://www.thestar.com
content-length: 185
akamai-grn: 0.986656b8.1726771791.7580627a
x-pinterest-rid: 6940332629821832

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
542 B 120ms
88ms Fetch
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%5C%3Dtrue%5C%5C%2Fcontests.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2297c41ef3%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1726771791692

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-pinterest-rid-128bit: a30ad826edfe75eebfa1b0b269b05438
expires: Sat, 01 Jan 2000 00:00:00 GMT
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-cdn: akamai
access-control-allow-credentials: true
referrer-policy: origin
pinterest-version: 04c72559290fb12af78741d63dcb884b64587706
access-control-allow-origin: https://www.thestar.com
content-length: 35
akamai-grn: 0.986656b8.1726771791.7580627b
x-pinterest-rid: 1380851221281848

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
174 B 562ms
186ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.thestar.com
content-length: 21
date: Thu, 19 Sep 2024 18:49:52 GMT
content-type: application/json
vary: Origin

GET
H2 200 RC53b21e2920be46a880bf9aabf649de50-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 14 KB
3 KB 41ms
40ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC53b21e2920be46a880bf9aabf649de50-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91c9878d148c19e62a7f3010ddef8aeeb06080cc8b0c81a5ff9ea70d8be94b5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
content-encoding: gzip
x-amz-version-id: null
etag: W/"76f52d446983933fa1ead810af86127d"
age: 1456
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: AEjD_feEVnxH0po7k7hKDISOOCQUqvfbx26-CpfpU9uhpeJ7bby3Cg==
date: Thu, 19 Sep 2024 18:25:36 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RC4373f324d36c45f38cee5e27958a1894-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 709 B
1 KB 39ms
38ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC4373f324d36c45f38cee5e27958a1894-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 887f9246ab91efe9af907928584c5e359d37e15f724a20187f6e5134a6e66fd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "6481f60e096920eea7cee542ad0beb61"
age: 1456
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 709
x-amz-cf-id: CydFC4d9brzojVIxMBllszMjK9Bf4qqhBiMae-B_sAQv9aQyAd1gSw==
date: Thu, 19 Sep 2024 18:25:36 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 204 0
bat.bing.com/action/ 0
286 B 47ms
46ms Image
text/plain 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=11b4ccba-f572-4412-b68e-d6ad6ccec505&sid=f409540076b711ef9f98956d3fc22a9b&vid=f409400076b711ef9c3fcd465c6517f6&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Breaking%20News%20-%20Headlines%20%26%20Top%20Stories%20%7C%20The%20Star&kw=toronto%20star&p=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&r=&lt=1604&evt=pageLoad&sv=1&cdb=ARoV&rn=921515

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 289C01EEA909411482B7A5E3423674BE Ref B: FRA31EDGE0814 Ref C: 2024-09-19T18:49:51Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Thu, 19 Sep 2024 18:49:51 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 76 KB
27 KB 82ms
25ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: fe7ca5b465b338f88ef1f4db8dcbd5df9055f9bc3cd48d4b81c138298a848743

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

cache-control: max-age=86400, public
content-encoding: gzip
pragma: public
etag: W/"66450437-13027"
age: 56812
via: 1.1 5d59ec457bae9e2b9df45a357eeeffd2.cloudfront.net (CloudFront)
expires: Fri, 20 Sep 2024 03:02:59 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 8eOS9pLD-li4lZmiNopqNv04YLH4LmulufQvk9BkztdecHCzg3Ff3g==
date: Thu, 19 Sep 2024 03:04:17 GMT
content-type: application/javascript
last-modified: Wed, 15 May 2024 18:51:35 GMT
server: nginx
x-amz-cf-pop: FRA56-P10

GET
H2 200 adsct
t.co/1/i/ 43 B
625 B 266ms
212ms Image
image/gif 172.66.0.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=479ea0f0-5d3c-4f52-b66e-29e03b5d3be1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=32b50187-3483-464f-8c28-c75ee341030a&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.30

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 228c718ec7ab0c2a
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 0139f0d3dac7f5e2e8df76c01b14c56babff80c66c067c2d84d485e7ec812ec5
cf-cache-status: DYNAMIC
cf-ray: 8c5bc212a9449189-FRA
x-response-time: 175
content-length: 43
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_o

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
724 B 186ms
130ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=479ea0f0-5d3c-4f52-b66e-29e03b5d3be1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=32b50187-3483-464f-8c28-c75ee341030a&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.30

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: 9d9de42bf4c55241
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 5190fad0b82afc25907715cef2d7fc07b74b182c4c3dcb1f3ef80cfe2b75052e
x-response-time: 107
content-length: 43
date: Thu, 19 Sep 2024 18:49:51 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_o

GET
H2 200 s62556103456455
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.26.0-LEWM/ 43 B
307 B 39ms
38ms Image
image/gif 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.26.0-LEWM/s62556103456455?AQB=1&ndh=1&pf=1&t=19%2F8%2F2024%2020%3A49%3A51%204%20-120&mid=15332170548456394790143776888713576732&aamlh=6&ce=UTF-8&ns=torstardigital&cdp=2&fpCookieDomainPeriods=2&pageName=thestar%7Chome&g=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&cc=CAD&ch=home&server=thestar.com&events=event72%2Cevent118%2CprodView&products=blox-overlay%3Boverlay%3Afirstup_thestar_1xweek_corrected%3B%3B%3B%3BeVar8%3Doverlay%3Afirstup_thestar_1xweek_corrected%7CeVar9%3Dfirst-up&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&h1=D%3D%2B%22thestar%7C%22%2Bh2&c2=home&h2=home&c4=D%3Dg&v4=D%3Dg&c9=breaking%20news%20-%20headlines%20%26%20top%20stories%20%7C%20the%20star&v12=overlay%3Afirstup_thestar_1xweek_corrected&v15=landscape&v16=standard-web-experience&c18=no&c19=D%3Dserver&c24=desktop&c26=not-specified&v29=https%3A%2F%2Fwww.thestar.com%2F&c43=toronto&v49=D%3DpageName&c51=no-adblock-detected&c55=D%3Dmid&c56=no&c57=home&c70=D%3Dserver&v79=no&v80=no&v83=no&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&AQE=1

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3708214185568534528-4618586224389515929
x-content-type-options: nosniff
expires: Wed, 18 Sep 2024 18:49:51 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Thu, 19 Sep 2024 18:49:51 GMT
x-xss-protection: 1; mode=block
last-modified: Fri, 20 Sep 2024 18:49:51 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

POST
H2 200 78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf Show response
pixel.thestar.com/events/ 0
317 B 373ms
114ms XHR
text/plain 2600:1f18:1430:9000:45be:690a:e1e9:1615
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.thestar.com/events/78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.167&r=stable&domain=www.thestar.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1430:9000:45be:690a:e1e9:1615 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.thestar.com/

Response headers

access-control-allow-origin: https://www.thestar.com
content-length: 0
date: Thu, 19 Sep 2024 18:49:52 GMT
vary: origin
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 67ms
20ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&rl=&if=false&ts=1726771791755&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726771791753.997667540246859178&eid=ob3_plugin-set_62e2cf286ea9794633ff09b9650c6f40272e342642dc14c7f279d96bd059bddf&cs_est=true&ler=empty&cdl=API_unavailable&it=1726771791428&coo=false&rqm=GET

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 187ms
140ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&rl=&if=false&ts=1726771791755&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1726771791753.997667540246859178&eid=ob3_plugin-set_62e2cf286ea9794633ff09b9650c6f40272e342642dc14c7f279d96bd059bddf&cs_est=true&ler=empty&cdl=API_unavailable&it=1726771791428&coo=false&rqm=FGET

Requested by

Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7416428370546061215"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x1c9fa8ed80f23eb5","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:884129105019052","7830:884129105019052","10853:884129105019052","41:884129105019052","8046:884129105019052"]},"debug_reporting":true,"debug_key":"2674759153331539229"}
date: Thu, 19 Sep 2024 18:49:51 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7416428370546061215", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: 6PK5b+XB6ttjMbIBgcPoKY77C2nfPXVfYA4wjs86TsA3wAKujLYCkgfpt6HXBHreQvruYKtQfShegeRT020duA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1297, tbw=3092, tp=-1, tpl=-1, uplat=119, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 RC56a54e34b8eb4229836d5628f622c036-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 818 B
1 KB 36ms
36ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RC56a54e34b8eb4229836d5628f622c036-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cab0a14a1ae3cdc5914d86814bbafafadb5befcec7ebe7b9ca53e2da503c84f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "629e12cd6266734fb64480f520862f8e"
age: 1455
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 818
x-amz-cf-id: jMZ3wgjOo6XFfqdS_IjxCGjeDVgWVJMjbab224mgxre4Hml33Bf53Q==
date: Thu, 19 Sep 2024 18:25:37 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:04 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/ 621 B
1001 B 34ms
33ms Script
application/javascript 18.239.208.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/fd346c25cdab/RCfdefc67c0ed94b76af30fac1dfc1ce8b-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/55637cf57ed4/launch-9387fe3a1e9f.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.208.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-208-117.bru50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b33ddb074422bbc280b17dc819865e9068013f0bb68d4bd6f06d2bc9dc56c3af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-amz-version-id: null
etag: "f57794d1131fe8b6a9f7985ad3395761"
age: 1456
via: 1.1 923b257861428e30a3cf7fb7a3374926.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 621
x-amz-cf-id: oRVGn_QFuYiha5ti9eQ7mJE6bJNFWE-SbPhVadZkWBQprD8ICOtcyw==
date: Thu, 19 Sep 2024 18:25:36 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 18:24:05 GMT
server: AmazonS3
x-amz-cf-pop: BRU50-P1
x-amz-server-side-encryption: AES256

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 76ms
24ms Script
text/javascript 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
age: 68268
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: q39niT6NUA9fzw9y4TiXLrwEfSVla-oD4z2JUqAFijAZUcrKqLzPZg==
date: Wed, 18 Sep 2024 23:52:04 GMT
content-type: text/javascript
last-modified: Fri, 03 May 2024 13:20:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 208ms
49ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1726771792075&plid=3e726b83-a704-421a-970f-6e707f5e241f&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22%22%2C%22janrain_uuid%22%3A%22%22%2C%22site_level_uuid%22%3A%22%22%2C%22hub_level_uuid%22%3A%22%22%2C%22adobe_mcid%22%3A%2215332170548456394790143776888713576732%22%2C%22word_count%22%3A%22%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11736%2C%22_articleTemplate%22%3A%22%22%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%2F%2F%3Fredirect%5C%3Dtrue%5C%2Fcontests.html&sref=&sts=1726771792070&slts=0&title=Breaking+News+-+Headlines+%26+Top+Stories+%7C+The+Star&date=Thu+Sep+19+2024+20%3A49%3A52+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&js=1&pvid=a7eeecf3-f5a1-4565-8940-bbca9a969df0&u=pid%3Dba8b4f09-c1d1-4907-8b03-5cb9cd4d74a8
Requested by: Host: www.thestar.com
URL: https://www.thestar.com///?redirect\=true\/contests.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

Cache-Control: no-cache
Content-Length: 43
Date: Thu, 19 Sep 2024 18:49:52 GMT
Content-Type: image/gif
Last-Modified: Thursday, 19-Sep-2024 18:49:52 GMT
Server: nginx
Connection: keep-alive

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 192ms
191ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B13C9F61F8E74F749FE54DF816CBE12F Ref B: DUS30EDGE0312 Ref C: 2024-09-19T18:49:52Z
x-li-fabric: prod-lor1
access-control-allow-credentials: true
x-li-uuid: AAYifWNJAGUy2puBBlxj1g==
x-li-proto: http/2
access-control-allow-origin: https://www.thestar.com
x-cache: CONFIG_NOCACHE
date: Thu, 19 Sep 2024 18:49:51 GMT
vary: Origin

GET
H2 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
2 KB 32ms
31ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/static/ct/token_create.js

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: max-age=7200
content-encoding: gzip
etag: "16d5d552603d86726ae439fc61299d42"
x-cdn: akamai
content-length: 2114
date: Thu, 19 Sep 2024 18:49:52 GMT
akamai-grn: 0.986656b8.1726771792.75806992
content-type: application/javascript
vary: Accept-Encoding
x-edgeconnect-midmile-rtt: 14
x-edgeconnect-origin-mex-latency: 396
x-amz-server-side-encryption: AES256

GET
H2 200 ct.html
ct.pinterest.com/ Frame 4D53 0
0 121ms
62ms Document
text/html 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.97c41ef3.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

akamai-grn: 0.986656b8.1726771792.75806a1b
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 19 Sep 2024 18:49:52 GMT
pinterest-version: 04c72559290fb12af78741d63dcb884b64587706
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8115355403578134
x-pinterest-rid-128bit: ef373ec9870a2e2a709f88be18525041

GET
H2 200 favicon.ico
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/favicons/thestar/ 1 KB
435 B 37ms
36ms Other
image/x-icon 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/favicons/thestar/favicon.ico?_dc=1726680939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db6de4c7acdd82e35b39c6e7d8051759fe5c0ef38be0da452f8fed09fdd3e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
content-encoding: br
cf-cache-status: HIT
etag: W/"66eb0f6b-47e"
age: 90148
expires: Thu, 18 Sep 2025 17:40:42 GMT
date: Thu, 19 Sep 2024 18:49:52 GMT
content-type: image/x-icon
last-modified: Wed, 18 Sep 2024 17:35:39 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc216bd6ad3b9-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 icon.ico
www.thestar.com/content/tncms/site/ 1 KB
1 KB 124ms
124ms Other
image/x-icon 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thestar.com/content/tncms/site/icon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 0db6de4c7acdd82e35b39c6e7d8051759fe5c0ef38be0da452f8fed09fdd3e66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com///?redirect\=true\/contests.html

Response headers

x-vcache: HIT
cache-control: public, max-age=43200
etag: "6501d32a-47e"
age: 26446
accept-ranges: bytes
content-length: 1150
date: Thu, 19 Sep 2024 11:29:05 GMT
last-modified: Wed, 13 Sep 2023 15:20:10 GMT
content-type: image/x-icon

GET
H2 200 favicon-32x32.png
bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/favicons/thestar/ 466 B
631 B 41ms
41ms Other
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/thestar.com/content/tncms/live/libraries/flex/components/torstar_core/resources/images/favicons/thestar/favicon-32x32.png?_dc=1726680939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696759df6e599a9bad9f1fa5aee0f4b35b23cda2721a547fda62fe8447d695d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.thestar.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "66eb0f6b-562"
age: 90148
cf-cache-status: HIT
expires: Thu, 18 Sep 2025 17:40:42 GMT
cf-polished: origFmt=png, origSize=1378
date: Thu, 19 Sep 2024 18:49:52 GMT
content-type: image/webp
content-disposition: inline; filename="favicon-32x32.webp"
vary: Accept
last-modified: Wed, 18 Sep 2024 17:35:39 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8c5bc217c941d3b9-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 466
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com

Verdicts & Comments Add Verdict or Comment

402 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pixel.thestar.com/events/78e7bb44ad2713658d1dea76f880eae8435765d820431fb62dd2600ffd812bdf	1970-01-21 01:49:07	Name: cee Value: %2FWU3ESBh5EQbBwR9XtNd34xtZsA2zmfEeslrJL7Zt1c%3D.%7B%7D
www.google.com/recaptcha	1970-01-21 03:58:43	Name: _GRECAPTCHA Value: 09AGteOyqmEGLS_s0s0e-WATUfjV2odHLggDVNKlMiI13AsBHVrv1YEyjN6MrFQ_6iifVdIdMdZoLNJyAXZ-w3dic
ots.webtrends-optimize.com/ots	1969-12-31 23:59:59	Name: JSESSIONID Value: 3C94BE93A50F28E79CD0CACDCBF6A829
.thestar.com/	1970-01-21 01:49:07	Name: _gcl_au Value: 1.1.1891677260.1726771791
.thestar.com/	1969-12-31 23:59:59	Name: tncms_csrf_token Value: e23b572e0bb2cc6133bd2792e69a08538d1756aea80277aa7a3a8f210c866852.fe79b028ece6ed806eb3
.thestar.com/	1970-01-21 09:15:31	Name: local_ga_B4CQN4KW3R Value: GS1.1.1726771791.1.0.1726771791.60.0.0
.thestar.com/	1970-01-21 09:15:31	Name: local_ga Value: GA1.1.1807008037.1726771791
.thestar.com/	1970-01-21 09:15:31	Name: _ga_6FZFMVVWVN Value: GS1.1.1726771791.1.0.1726771791.60.0.0
.thestar.com/	1970-01-21 09:15:31	Name: _ga Value: GA1.1.1807008037.1726771791
.demdex.net/	1970-01-21 03:58:43	Name: demdex Value: 15340580087920233570140677262745688854
.thestar.com/	1970-01-21 08:25:07	Name: _vfa Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.decfc7e6-491f-406f-9b47-cb075f275344.1726771791.1726771791.1726771791.1
.thestar.com/	1970-01-20 23:39:32	Name: _vfz Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.1726771791.1.medium=direct\|source=\|sharer_uuid=\|terms=
.thestar.com/	1970-01-20 23:39:33	Name: _vfb Value: www%2Ethestar%2Ecom.00000000-0000-4000-8000-032a225cd465.2.10.1726771791....
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1970-01-21 09:15:31	Name: s_ecid Value: MCMID%7C15332170548456394790143776888713576732
.thestar.com/	1970-01-21 01:49:07	Name: _rdt_uuid Value: 1726771791480.e72e18c0-446f-4682-b62c-aeddf14f0cb1
.dpm.demdex.net/	1970-01-21 03:58:43	Name: dpm Value: 15340580087920233570140677262745688854
.thestar.com/	1970-01-21 09:15:31	Name: _ga_4T2EB147B8 Value: GS1.1.1726771791.1.0.1726771791.60.0.0
.thestar.com/	1970-01-21 09:15:31	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19986%7CMCMID%7C15332170548456394790143776888713576732%7CMCAAMLH-1727376591%7C6%7CMCAAMB-1727376591%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1726778991s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19993%7CvVersion%7C5.5.0
.doubleclick.net/	1970-01-21 00:22:43	Name: ar_debug Value: 1
.thestar.com/	1970-01-21 08:25:07	Name: ajs_anonymous_id Value: 1457372f-5f10-4d02-83ba-55805dfe6e97
.thestar.com/	1970-01-20 23:40:58	Name: _uetsid Value: f409540076b711ef9f98956d3fc22a9b
.thestar.com/	1970-01-21 09:01:07	Name: _uetvid Value: f409400076b711ef9c3fcd465c6517f6
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thestar.com/	1970-01-21 01:49:07	Name: _fbp Value: fb.1.1726771791753.997667540246859178
.bing.com/	1970-01-21 09:01:07	Name: MUID Value: 19BD0357C189616324FF17A8C025601D
.doubleclick.net/	1970-01-21 09:01:07	Name: IDE Value: AHWqTUlNBtTdt7Tsvk2IznfLzo_WRMZsTypWMu3inxVU_R4f_M3l6ITF0L8tUqJb-QU
.doubleclick.net/	1970-01-21 03:58:43	Name: receive-cookie-deprecation Value: 1
.thestar.com/	1970-01-21 08:25:07	Name: _pin_unauth Value: dWlkPU0yWTRaRGRpTmpndE9EQXdNQzAwTTJFMUxUbGxPVGt0TkRFM016WmpPRFEwTkRjMA
.pinterest.com/	1970-01-21 08:25:07	Name: ar_debug Value: 1
.twitter.com/	1970-01-21 09:15:31	Name: guest_id_marketing Value: v1%3A172677179183545165
.twitter.com/	1970-01-21 09:15:31	Name: guest_id_ads Value: v1%3A172677179183545165
.twitter.com/	1970-01-21 09:15:31	Name: personalization_id Value: "v1_CfaELM8YJrSZILIe24ED1w=="
.twitter.com/	1970-01-21 09:15:31	Name: guest_id Value: v1%3A172677179183545165
.linkedin.com/	1970-01-21 08:25:07	Name: bcookie Value: "v=2&c1c9afe2-0940-4c4d-8107-2a45be93cb93"
.linkedin.com/	1970-01-21 03:58:43	Name: li_gc Value: MTswOzE3MjY3NzE3OTE7MjswMjF+o2RnXRNqiGaFs4IMmPvEjtNLLnyJZB0AG71Pip2c5w==
.linkedin.com/	1970-01-20 23:40:58	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=3351:u=1:x=1:i=1726771791:t=1726858191:v=2:sig=AQHWSti_2unM1J1Eh53lqWLPVbdVrthi"
.t.co/	1970-01-21 09:15:31	Name: muc_ads Value: a1c42173-f8b0-4c8b-8cf1-80d2971c82d2
.t.co/	1970-01-20 23:39:33	Name: __cf_bm Value: 9IHasdePpc.JlA.E7XVoCbAwNJyi.xa4i2hWkjDmrHM-1726771791-1.0.1.1-7UBCE0.63AEDHHzrmLDtEafHUtwwBope.w6gue5EK79DWBjKR2qPMN7lmF.lRYMsqw1.djkaaGpitS7IHeGmDw
.thestar.com/	1970-01-20 23:39:33	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com///?redirect%5C%5C=true%5C%5C/contests.html%22%2C%22sref%22:%22%22%2C%22sts%22:1726771792070%2C%22slts%22:0}
.thestar.com/	1970-01-21 09:08:55	Name: _parsely_visitor Value: {%22id%22:%22pid=ba8b4f09-c1d1-4907-8b03-5cb9cd4d74a8%22%2C%22session_count%22:1%2C%22last_session_ts%22:1726771792070}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.thestar.com///?redirect\=true\/contests.html Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com' from origin 'https://www.thestar.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14475035.fls.doubleclick.net
aax.amazon-adsystem.com
accounts.google.com
ad-delivery.net
ad.doubleclick.net
alb.reddit.com
analytics.twitter.com
api.btloader.com
api.segment.io
api.viafoura.co
bat.bing.com
bloximages.chicago2.vip.townnews.com
btloader.com
c.amazon-adsystem.com
c.webtrends-optimize.com
cdn.ampproject.org
cdn.parsely.com
cdn.segment.com
cdn.viafoura.net
cm.everesttech.net
config.aps.amazon-adsystem.com
connect.facebook.net
ct.pinterest.com
d1z2jf7jlzjs58.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i.viafoura.co
micro.rubiconproject.com
news.google.com
ots.webtrends-optimize.com
p1.parsely.com
pixel-config.reddit.com
pixel.thestar.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
resources.thestar.com
s.pinimg.com
s.thestar.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.crwdcntrl.net
thestar.cloud.optable.co
thestar.solutions.cdn.optable.co
torontostarnewspaperslimited.demdex.net
torstar.gscontxt.net
unpkg.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
www.thestar.com
c.amazon-adsystem.com
104.16.132.24
104.244.42.3
104.64.126.246
104.75.88.209
13.107.253.44
13.107.42.14
13.224.186.120
13.32.119.202
13.35.58.148
130.211.23.194
142.250.181.228
142.250.184.194
142.250.184.238
142.250.185.102
142.250.185.200
142.250.186.134
142.250.186.99
146.75.120.157
151.101.193.140
157.240.0.6
158.101.223.79
172.66.0.227
18.239.208.117
18.244.18.32
18.245.31.123
192.104.182.109
20.54.140.8
2001:4860:4802:34::36
2600:1f18:1430:9000:45be:690a:e1e9:1615
2600:1f18:44f0:4848:d1e4:a5dd:e098:e51e
2600:9000:223c:1800:8:2ae1:d740:93a1
2606:4700:10::6816:4bd8
2606:4700:20::681a:246
2606:4700::6811:f7cb
2620:1ec:21::14
2620:1ec:33::10
2a00:1450:4001:811::2001
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a00:1450:400c:c0a::54
2a02:26f0:3500:10::210:a9b
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42::84
3.161.75.65
3.161.77.50
34.149.155.241
34.160.43.93
34.243.156.227
34.252.69.234
52.12.47.65
52.17.99.225
52.55.86.201
54.228.160.99
63.140.62.222
65.9.66.104
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
00784cf75c31cac8dd1aa368b02f337747843e0d427fd79f2b01446706e34d6c
01594e833d67163c5d71c470fb205ab5dcea6c114cb3408c3aed83d139697c36
02d4a3e3bc55fb2c10464afa89e283d1d017f6a309634709009f0e3ec5455e26
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0acff355a123d849b520cf5a94fba9e18840b78a57f67e7ff984ad7272821d48
0db6de4c7acdd82e35b39c6e7d8051759fe5c0ef38be0da452f8fed09fdd3e66
0f28f8ef3c65ede1c3171b6e44188fca93e15b53d362d0bbb9a22c93d3f73fdd
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
190e1101cde57367a86dd7f3df29194cf2b78968948c793f424d5f144897b9b7
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1deabf033147433afcdf4b0d64c6e49d564ba704b564c6c242f31395edb450bb
1ebc1e62c024fc610ffd18df157488dfa4321fc8db7222d9db66e92e1afe7b7b
22d267ce684b1fe80086ec1e1eb85b9c6a415b539a28d238c46988b380063f72
232aed844628184741345b9bda7b612b47351c26b74261501275522bc4bfd135
249f5da01a64c4809b00baa1f828e663e91a52268689c84332b5157ee96ee1a9
2557365aebe07e2fca7075a141aaaee399e92906f25ce7b67efa44f0df6c4789
2736d55a4da2c1d7e1cec02b86d6432aabe15a41f5f86803b5fa5fbe3cae8a64
2771a0d3273c61715140f7259d31a0e73d7f7ee1702b67ec7a68445b42f1537b
2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2cc3ab827174b3c8924eff21bec7589249a6150d4c9022fa52f4ffb27416db08
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3277bd08bf37f1fd5af9c3b1cc9c81281977dc85021fb0b9f1f86c8c6e9a5925
33b24d14ebd37a67fb1944d0d519ffdcda71d5bbabf859a963f790b56eeeb823
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3af92a23430da4fa00766d5b8f33945856158e053e9a58b3d6d614b0e73a528d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fa20d51f6e21192966bf4681bfcce7de3d481a1bb595dc4a1a556cb7bb8a87f
403157f1da5460465e0156ec5f3b9a21270b545805b43ac4137572027f21296c
4353442b296c53f51d82efc2617406d68cc278bd08c2ce4ca96daa9fcc2c77e3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
457e85861044e6c6ed188aee506092571f5ba71759bbc1de4340ece02b69194e
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
47220c4c850d2a71293522af7071da5706951e1cecc6dddce7bc78343f48de1e
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
49460c5bb5f8b3b1f6deaeab185b8cbd840f024ff0f4539794f9e55d29a275ca
4adce56d5b9e718c9ae4798c09e85846e80100fd12ed65d3aeb234047028cf35
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4c53ebdf43a70f4c7fcbc14745b469f71d14380e976a2f0e63eccdcd88330852
4cab0a14a1ae3cdc5914d86814bbafafadb5befcec7ebe7b9ca53e2da503c84f
4d063ab8701f5932753a12e9b302d8345ed7ba488f2f3ca6d46912fb60ce2815
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4dc392f4dc21a75392f7a60293bcd78b466ba3e9671e04acc1caab86a533bcd3
50eea9da4f4a1b43ff0b25615da2dcf7dcb6fd9173b4ab1b472663d204acc258
517a52322b65057d65fad8389365a8993a991c4b70986eeb89790fa94edbb64a
51bcf67564625b93b6f3bcfa0fbb4bea12ffee46cd95220fc54f641d98787413
51e62bc02cd5fca4b743c497a1b1b06096f90407e772e6acf00d6e0ec60970ad
523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb
541de102c9a9c7339365824372a175bf6c88fb8a2a77b092664cd14c131935a1
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
55c6983606eae184b6c555ec5ed37a79f5038a478645e778921e618d74ed7f1c
57c6c8ef16f19b7a2e015a857f3f43bc4997fb5044f8dd62644329ba4a8420dc
595550d27cabf0dad36e8ddae06a223716e7067ff08607b60e91adab5e06c748
5cde2b88166202ca02bb7edb492dc4b4873134bf0d524245240458b8ec058823
5e3718c850c94db1e3daa959e53737254c607f52f2d672182df6ac3a91386885
609ce752d099830d428c2ea4768baa950acb7688a632d909846b8b1dec821cec
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9
68684d4e091795123c7797a602e056cac24a3355a95b3b198e4fbd65822afcd2
696759df6e599a9bad9f1fa5aee0f4b35b23cda2721a547fda62fe8447d695d9
69fa49b5af1a24856283635a2ce2a2e0fb9d1efc6e13c8cf3e3f8442647c1e36
6d0418142532113eda1c31d85a5785ad886b41a16d2439c722a6e9eb15601efe
6e3171015a43e7378b04219b7cf6e9faccc6c750f18b74bab9d831ac2df0ca59
6e372b3cb930d718a9724e03a87269d83b451251f29f49a559f61c2f8297678e
713ce628535c66ef3e3439611569fed5dbda355deca4884062f1109542c86fff
7458edd9b7b53f7b32c80f4856a8a0d1c4b7557c589f7c6b860c30a43829ac3a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
770dcaf045c045c66d6903b436c5b8c6f5d5a466fb3f17b3ba8f778f756b7621
77879f54400e07c9d73fefd1e1e06fd736e7dbeffea7669790620753125671ff
7bc03dd1a4a386d9d9c7e44a6c9e96d84ea72e8d9d848baf3ba0f657770d85b4
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
7d26735eddb23844cc7031c230a1d352718423f191c26a3ed0aa2c1364e8253c
80050c5d0cb800040fad266278961ca20bab0154aca10c4d17a4e0889cb1e9f8
80abdc7301a85f3723a06e115899beb85170026b040c44834b954be0d2f2af3d
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
868363ef2870b0754aff551f47a8058255af7768783bbc152711cd4552fb7f0f
887f9246ab91efe9af907928584c5e359d37e15f724a20187f6e5134a6e66fd3
89b791a1b0bb12330cfb4f37df8d2cfaa8c791ca314ee7883bff7fed88851ae9
89e5b70754765ab6a5907e76072f3d4b9fee358fb3720c99d5414a6b8d56ca54
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8b2b80e123286ecb7ec84a0ae7ebf2257132f0b517190269d8c4439b7c89293b
8bba9687afeda017cbf549538f5433e397e901a3b452306988a7999db6f1a8ce
8bc00643c465b3bca45174c692d7097c758e64794add2a1b2f3ffb9bd86d0e81
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
8e6b3272816c9b6efeb0b3ccc16326c123d9860f38d7c7c4fc215334559996e2
919293e56b6a814a84a579b014f63a2423b0419c418494da7baa7c0c5893cde1
91c9878d148c19e62a7f3010ddef8aeeb06080cc8b0c81a5ff9ea70d8be94b5c
92f3f9116024c08e49037585b1e9f4e41acff62ec1fbe0936afda9f5f7c4465f
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94f5196fd2a0e77ac5f6bbf268c53e36d4fc6bfe33cca0e3ca31fe4fb675a97b
9a75af162a0dd2f4fd8d79eb47940d2b997804e86b27e8d4026544d752b5ebe5
9b69399569237ff386301a82562ff6b21c1d31370b29928025cee63b7252f848
9c02ac5ede2a9b253a5fdff07b4a57e556c1ad42d0bd47e4715707e5adc1b914
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9cefee4c660d3fc32a9c8957e4e5a464fde600f95d50d64e533e9c2b73d7ad2c
9cffa4a2e51b8ad951cfed21a095c9678f3fb7032df3edd501b4781036d0226a
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a03c1dc4e7bbc413858069b6b4fdb39b30c3ab732234ce8b712022c56c074f7d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c767ec61f3ecd854a3b3aab3ed23168707aa1fc9cee0009643a72362d6bfdd
a3d462651e9f87a8eb241f85f611bff6666e4364de38b2ccb6ced15fe5fe2a18
a70b993e6415ddfd66ea6ee209e3ab2fa3f88b0d3e4329aec59cffedf2c32db6
a76ff167d7d530e0a4d45c331ac37dd1ad59b0c32b1a80e3906cb50d88e0f3b7
a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c
a7ad2666cfdc2495ef3849d47ea1144f4a493efffa9aeeb4448e60488aec66d3
a8a4a852dedcc7e3b6bb2c6acffac1a82a31828a00749ce2a8c2d6dd5f268dd9
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aadfdde0a0aea4dd6e3bfb60868f546b2e30db7f8d5b3549af99915a8e7294f9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b1139a764a2eae949ca1358aa7a387a7d6812f277016c070e28279f2639da412
b33ddb074422bbc280b17dc819865e9068013f0bb68d4bd6f06d2bc9dc56c3af
b5348904074ca7f09e3078c2afcabad0f0c9cafcfc751566e93d90ceaa75b887
b7f817d35152e6280e12fa0a2895ec47b65085df83867b00d766f9a0e5595a37
b90b775b65c2623322caaa52d7acf6af709ca59bdd475a54043b6308d91828c4
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
be4bbf8a99bdcfad3ccc24831e2c34b23dcd287f4adf8e40de3f6172a02638f9
c2ab34321ef0a61378759396e72284c4ee6c055bf11521b655d1e5b5a435a8b5
c31031c62e3de4b8e4b8edf0cb95328e1d678b1db4dd84d637ff02a32eb1136a
c3787cf743f70b81f790ab6dca42ff6fecd145c5935e184ac7dbe883481c6d6e
c464247f9a68599bb425e7344e126b4a6562c87e6b824f4ad64cdf744b451f9e
c6ac86cfcd875307be77577d580d25f3e0868dfeebd12080b3fe1044c378dbb9
c72b6d7c9272f5d79b0bc2a13aee33dfc705eff7d324794975da00ef185df9a8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd886a01f6af8332fc28434bfeb5fb5c29e3417d31b0f8d52c1fd60bafafba8
d25c7119762687649bbe8a8c832524947f0d93298bb173ef3f0add82f450fbd8
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6c8c6b184ece61ce540c664eca5d0d8a2c8665e054d06cd18b362f2f7927c42
d72995ef7e52dafc770a56457038f77d59a619a426132bfe914ba3ba4f683640
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dadfc275da68cf3890e3fea42db5f334848e9cb95014b655434fca385ebd2e5d
ddf1466b3e00367c51b294a49a96c6b83344c49d22f7993b31a0caf3af4d0bfb
e2d60cdf4948bf1fcc89d3e1fb4875dbfe0cd45125eced25eb220b5fd72abe73
e36caf6f59707c991b15f27e19c887cb5ed767e4e2d58692560c91442434eb69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e694226cb8066165b2b08e7a50c64971a1eab63f1f6a27e83b07f976251f6934
eaf2bfe18b639cdca8455270dc66be66b931054b6be9447137220137e716cb40
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f012c00d43164a4de843ae80abefe500f8497e1123d11c965cd3b40600fe9720
f3e975506b3ea0835e46460a649d3c7246f3cdc8649f959c02ae392e5febd3ea
f5c3f7d191cf53de953cbca211fc57b206acc15b58142ac12cb9bcfcba748a54
f75c3c6c5a24bd769dc4bdfa2e0549681f48caa046875bc48a54831b741b8452
f8112209cec2123efc61574a748d65e346ffd80acc0784182ca7f80c1bdd7820
f869f4cb68f99dfd2565886a1db8d086c5753ec325dc80170c23238b284da0db
f9c0780e7f6e532536ae33d56306f18e6d4fc047e67fd9bbaaa7f1272a72e8d7
fc6b418b5a68f50966ec33b5ded2116b6e20a95fd027630285373f24a3df69ec
fc7b3a764cfbb99156b58e65fb1cbf93233c953854e8195c758029ef5a86539f
fd3090687e1d99f2bf2ec597b58d68f93ef721f6be2faf30f4dbbe76160781b6
fe7ca5b465b338f88ef1f4db8dcbd5df9055f9bc3cd48d4b81c138298a848743

www.thestar.com Open in urlscan Pro 192.104.182.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

193 Requests

97 %HTTPS

36 %IPv6

39 Domains

60 Subdomains

61 IPs

7 Countries

3386 kBTransfer

9824 kBSize

41 Cookies

25 Outgoing links

Page URL History

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thestar.com Open in urlscan Pro
192.104.182.109 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

97 %
HTTPS

36 %
IPv6

39
Domains

60
Subdomains

61
IPs

7
Countries

3386 kB
Transfer

9824 kB
Size

41
Cookies

193 HTTP transactions
2 data transactions