www.northstarbets.ca Open in urlscan Pro
23.216.132.12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.northstarbets.ca/responsible-gambling
Submission: On June 20 via manual (June 20th 2024, 10:49:19 am UTC) from CA — Scanned from CA

Summary HTTP 126 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 30 domains to perform 126 HTTP transactions. The main IP is 23.216.132.12, located in Piscataway, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.northstarbets.ca.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 2nd 2023. Valid for: a year.

This is the only time www.northstarbets.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	23.216.132.12 23.216.132.12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.214.246.63 23.214.246.63	16625 (AKAMAI-AS) (AKAMAI-AS)
2	173.194.66.95 173.194.66.95	15169 (GOOGLE) (GOOGLE)
5	142.251.174.97 142.251.174.97	15169 (GOOGLE) (GOOGLE)
3	13.107.246.38 13.107.246.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	209.85.144.100 209.85.144.100	15169 (GOOGLE) (GOOGLE)
1 4	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.218.218.191 23.218.218.191	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	23.204.206.249 23.204.206.249	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.31.27 104.18.31.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.67.60.119 18.67.60.119	16509 (AMAZON-02) (AMAZON-02)
3 6	172.217.222.149 172.217.222.149	15169 (GOOGLE) (GOOGLE)
3	173.194.204.148 173.194.204.148	15169 (GOOGLE) (GOOGLE)
2	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1 8	172.64.151.180 172.64.151.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	213.187.229.147 213.187.229.147	43937 (PTNET) (PTNET)
3	104.211.35.148 104.211.35.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	209.85.144.94 209.85.144.94	15169 (GOOGLE) (GOOGLE)
1	213.187.226.60 213.187.226.60	43937 (PTNET) (PTNET)
4	54.221.249.152 54.221.249.152	14618 (AMAZON-AES) (AMAZON-AES)
9	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1 1	108.138.64.35 108.138.64.35	16509 (AMAZON-02) (AMAZON-02)
1	108.138.85.105 108.138.85.105	16509 (AMAZON-02) (AMAZON-02)
1	173.223.163.201 173.223.163.201	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.165.83.57 18.165.83.57	16509 (AMAZON-02) (AMAZON-02)
1	52.85.132.107 52.85.132.107	16509 (AMAZON-02) (AMAZON-02)
3	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.125.209.212 20.125.209.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	52.179.73.39 52.179.73.39	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
126	34

39 23.216.132.12 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-132-12.deploy.static.akamaitechnologies.com

www.northstarbets.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.214.246.63 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-214-246-63.deploy.static.akamaitechnologies.com

cdn.safecharge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.66.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.174.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.246.38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 209.85.144.100 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.218.191 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-191.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.204.206.249 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-206-249.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.31.27 (None, )

ASN13335 (CLOUDFLARENET, US)

scripts.prdredir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.60.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-60-119.iad89.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.222.149 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: qi-in-f149.1e100.net

11795055.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
14111480.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.204.148 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.180 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login.northstarbets.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.187.229.147 (Canada)

ASN43937 (PTNET, EE)

oapi-cur.techonlinecorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.211.35.148 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

y.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.144.94 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.187.226.60 (Malta)

ASN43937 (PTNET, EE)

webtickers.malmegas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.221.249.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-249-152.compute-1.amazonaws.com

cdn.us.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.us.xtremepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.64.35 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-35.iad12.r.cloudfront.net

static.kambicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.85.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-105.iad12.r.cloudfront.net

kambi-widget-api.bc.kambicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.163.201 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-223-163-201.deploy.static.akamaitechnologies.com

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.165.83.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-57.iad55.r.cloudfront.net

wa.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-107.iad50.r.cloudfront.net

wa.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

nsgsupportteam.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.125.209.212 (Chicago, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.179.73.39 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	northstarbets.ca 1 redirects www.northstarbets.ca login.northstarbets.ca	1 MB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2404 ekr.zdassets.com — Cisco Umbrella Rank: 2905	225 KB
9	doubleclick.net 3 redirects 11795055.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 164 14111480.fls.doubleclick.net	2 KB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	7 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 y.clarity.ms — Cisco Umbrella Rank: 11938 c.clarity.ms — Cisco Umbrella Rank: 1434	28 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 360 www.linkedin.com — Cisco Umbrella Rank: 545	4 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	458 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	80 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 361 c.bing.com — Cisco Umbrella Rank: 224	16 KB
3	zendesk.com nsgsupportteam.zendesk.com	1 KB
3	xtremepush.com api.us.xtremepush.com — Cisco Umbrella Rank: 858493	2 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 563	202 B
2	onelink.me wa.onelink.me — Cisco Umbrella Rank: 16925	878 B
2	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 5461 wa.appsflyer.com — Cisco Umbrella Rank: 10862	10 KB
2	kambicdn.com 1 redirects static.kambicdn.com — Cisco Umbrella Rank: 138249 kambi-widget-api.bc.kambicdn.com — Cisco Umbrella Rank: 135603	18 KB
2	gstatic.com fonts.gstatic.com	48 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 4613	121 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1585 insight.adsrvr.org — Cisco Umbrella Rank: 1062	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	23 KB
1	webpu.sh cdn.us.webpu.sh	39 KB
1	malmegas.com webtickers.malmegas.com — Cisco Umbrella Rank: 893068	1 KB
1	techonlinecorp.com oapi-cur.techonlinecorp.com	339 B
1	prdredir.com scripts.prdredir.com — Cisco Umbrella Rank: 61000	180 B
1	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1056
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 4440	18 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 902	14 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 609	57 KB
1	safecharge.com cdn.safecharge.com — Cisco Umbrella Rank: 97774	3 KB
126	30

	Domain	Requested by
39	www.northstarbets.ca	www.northstarbets.ca js.monitor.azure.com
8	static.zdassets.com	www.northstarbets.ca static.zdassets.com
8	login.northstarbets.ca	1 redirects www.northstarbets.ca login.northstarbets.ca
8	www.facebook.com	www.northstarbets.ca
5	px.ads.linkedin.com	2 redirects js.monitor.azure.com www.northstarbets.ca
5	www.google-analytics.com	www.googletagmanager.com js.monitor.azure.com
5	www.googletagmanager.com	www.northstarbets.ca www.googletagmanager.com www.google-analytics.com
4	11795055.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	nsgsupportteam.zendesk.com	static.zdassets.com
3	api.us.xtremepush.com	js.monitor.azure.com
3	y.clarity.ms	js.monitor.azure.com
3	ad.doubleclick.net	www.northstarbets.ca
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.northstarbets.ca
2	dc.services.visualstudio.com	js.monitor.azure.com
2	c.clarity.ms	1 redirects
2	wa.onelink.me	js.monitor.azure.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	us-central1-adaptive-growth.cloudfunctions.net	js.monitor.azure.com
2	14111480.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	fonts.googleapis.com	www.northstarbets.ca
1	insight.adsrvr.org	js.adsrvr.org
1	c.bing.com	1 redirects
1	wa.appsflyer.com	js.monitor.azure.com
1	ekr.zdassets.com	js.monitor.azure.com
1	websdk.appsflyer.com	www.northstarbets.ca
1	kambi-widget-api.bc.kambicdn.com	www.northstarbets.ca
1	static.kambicdn.com	1 redirects
1	cdn.jsdelivr.net	www.northstarbets.ca
1	cdn.us.webpu.sh	www.northstarbets.ca
1	webtickers.malmegas.com	js.monitor.azure.com
1	oapi-cur.techonlinecorp.com	js.monitor.azure.com
1	www.linkedin.com	1 redirects
1	js.adsrvr.org	www.googletagmanager.com
1	scripts.prdredir.com	www.googletagmanager.com
1	servedby.flashtalking.com	www.googletagmanager.com
1	cdn.pdst.fm	www.northstarbets.ca
1	snap.licdn.com	www.googletagmanager.com
1	js.monitor.azure.com	www.northstarbets.ca
1	cdn.safecharge.com	www.northstarbets.ca
126	41

This site contains links to these domains. Also see Links.

Domain
www.problemgambling.ca
www.camh.ca
www.responsiblegambling.org
www.visa.ca
www.interac.ca
www.mastercard.com
www.americanexpress.com
newsroom.paypal-corp.com
www.connexontario.ca
support.northstarbets.ca
affiliates.northstarbets.ca
igamingontario.ca
ibia.bet

Subject Issuer	Validity	Valid
*.northstarbets.ca DigiCert TLS RSA SHA256 2020 CA1	`2023-10-02` - `2024-10-01`	a year	crt.sh
*.safecharge.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-05` - `2024-09-04`	a year	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure RSA TLS Issuing CA 04	`2024-05-22` - `2025-05-17`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-29` - `2024-06-27`	3 months	crt.sh
cdn.pdst.fm WR3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
prdredir.com GTS CA 1P5	`2024-04-26` - `2024-07-25`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
misc.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
login.northstarbets.ca GTS CA 1P5	`2024-05-28` - `2024-08-26`	3 months	crt.sh
*.techonlinecorp.com RapidSSL TLS RSA CA G1	`2023-12-28` - `2025-01-10`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.malmegas.com RapidSSL TLS RSA CA G1	`2023-11-28` - `2024-12-06`	a year	crt.sh
webpu.sh R11	`2024-06-19` - `2024-09-17`	3 months	crt.sh
zdassets.com E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.onelink.me Amazon RSA 2048 M02	`2024-05-05` - `2025-06-02`	a year	crt.sh
us.xtremepush.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
nsgsupportteam.zendesk.com Cloudflare Inc ECC CA-3	`2024-01-01` - `2024-12-31`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 04	`2024-04-18` - `2025-04-13`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.northstarbets.ca/responsible-gambling
Frame ID: 15AD46FF905D7D02208EA3D622B60F53
Requests: 106 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/25428;130114;14307;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.northstarbets.ca/responsible-gambling&ns=&cb=691596.3228834472
Frame ID: B7E2D18B18387F805D1D19A5E780BC86
Requests: 1 HTTP requests in this frame

Frame: https://11795055.fls.doubleclick.net/activityi;dc_pre=COrJsIaB6oYDFcbh_QUdjTsA9Q;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling
Frame ID: A17A17A2C491C26A1F9D7753903781E6
Requests: 1 HTTP requests in this frame

Frame: https://11795055.fls.doubleclick.net/activityi;dc_pre=CMTMsIaB6oYDFcHUuAgdd4EAtA;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling
Frame ID: 189A54ED910D803B7A729124FD2CCD99
Requests: 1 HTTP requests in this frame

Frame: https://14111480.fls.doubleclick.net/activityi;dc_pre=CIrasoaB6oYDFfTl_QUdyFQLvA;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling
Frame ID: 4C61BC8AC6F0981F9F77C29729C6E8FD
Requests: 1 HTTP requests in this frame

Frame: https://login.northstarbets.ca/pasSetupPage.php?casino=northstarbets.ca
Frame ID: 7BA623E1084254EF759101D66C937084
Requests: 1 HTTP requests in this frame

Frame: https://login.northstarbets.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: E1AA7C4AC9A20DF1100504C115F9928F
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Frame ID: A8BDEB08AAB370A3D7B1EB9979C945C2
Requests: 9 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=fat3dnv&ref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&upid=ql4rllw&upv=1.1.0&td1=undefined
Frame ID: CAD42B4B9E7ABD8FE6D9F5E73DB02242
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Responsible Gambling

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

126
Requests

97 %
HTTPS

0 %
IPv6

30
Domains

41
Subdomains

34
IPs

4
Countries

2270 kB
Transfer

10343 kB
Size

56
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.problemgambling.ca/gambling-help/
Title: https://www.problemgambling.ca/gambling-help/

Search URL Search Domain Scan URL

URL: https://www.camh.ca/en/your-care/programs-and-services/problem-gambling-support-groups
Title: https://www.camh.ca/en/your-care/programs-and-services/problem-gambling-support-groups

Search URL Search Domain Scan URL

URL: https://www.camh.ca/en/your-care/programs-and-services/problem-gambling--technology-use-treatment
Title: https://www.camh.ca/en/your-care/programs-and-services/problem-gambling--technology-use-treatment

Search URL Search Domain Scan URL

URL: https://www.responsiblegambling.org/for-the-public
Title: https://www.responsiblegambling.org/for-the-public

Search URL Search Domain Scan URL

URL: https://www.visa.ca/en_CA

Search URL Search Domain Scan URL

URL: https://www.interac.ca/en/

Search URL Search Domain Scan URL

URL: https://www.mastercard.com/global/en.html

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/

Search URL Search Domain Scan URL

URL: https://newsroom.paypal-corp.com/

Search URL Search Domain Scan URL

URL: https://www.connexontario.ca/en-ca/
Title: Connex Ontario

Search URL Search Domain Scan URL

URL: https://support.northstarbets.ca/hc/en-ca
Title: Help Centre

Search URL Search Domain Scan URL

URL: https://affiliates.northstarbets.ca/
Title: Affiliate Program

Search URL Search Domain Scan URL

URL: https://igamingontario.ca/en

Search URL Search Domain Scan URL

URL: https://ibia.bet/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://11795055.fls.doubleclick.net/activityi;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling HTTP 302
https://11795055.fls.doubleclick.net/activityi;dc_pre=COrJsIaB6oYDFcbh_QUdjTsA9Q;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling

Request Chain 27

https://11795055.fls.doubleclick.net/activityi;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling HTTP 302
https://11795055.fls.doubleclick.net/activityi;dc_pre=CMTMsIaB6oYDFcHUuAgdd4EAtA;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling

Request Chain 30

https://14111480.fls.doubleclick.net/activityi;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling HTTP 302
https://14111480.fls.doubleclick.net/activityi;dc_pre=CIrasoaB6oYDFfTl_QUdyFQLvA;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling

Request Chain 36

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4684708%26time%3D1718880552991%26url%3Dhttps%253A%252F%252Fwww.northstarbets.ca%252Fresponsible-gambling%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2&cookiesTest=true&liSync=true

Request Chain 69

https://login.northstarbets.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://login.northstarbets.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Request Chain 83

https://static.kambicdn.com/client/widget-api/kambi-widget-api.js HTTP 307
https://kambi-widget-api.bc.kambicdn.com/kambi-widget-api.js

Request Chain 116

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FC7A6C6EAE41460486DCFD97EA18567D&RedC=c.clarity.ms&MXFR=192B25DA3FCD63550F6F317E3BCD6D7E HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FC7A6C6EAE41460486DCFD97EA18567D&MUID=187B5685F52868083CF54221F4826919

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request responsible-gambling Show response
www.northstarbets.ca/ 53 KB
16 KB 462ms
374ms Document
text/html 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-216-132-12.deploy.static.akamaitechnologies.com

Software

server /

Resource Hash

e48f2173367e26d8885bcbe92f4dceb5e38e6ebdb3861f5a83313a20defae1c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

akamai-cache-status: Hit from child
cache-control: max-age=3600
content-encoding: gzip
content-length: 15888
content-type: text/html; charset=UTF-8
date: Thu, 20 Jun 2024 10:49:12 GMT
delegate-ch: sec-ch-ua-full-version-list https://login.northstarbets.ca; sec-ch-ua-model https://login.northstarbets.ca; sec-ch-ua-platform https://login.northstarbets.ca; sec-ch-ua-platform-version https://login.northstarbets.ca; sec-ch-ua-mobile https://login.northstarbets.ca
etag: W/"666c4efd-d225"
expires: Thu, 20 Jun 2024 11:49:12 GMT
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
strict-transport-security: max-age=86400; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sc_applepay.min.js Show response
cdn.safecharge.com/safecharge_resources/v1/ 7 KB
3 KB 131ms
41ms Script
application/javascript 23.214.246.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.safecharge.com/safecharge_resources/v1/sc_applepay.min.js
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.214.246.63 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-214-246-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf2224f45cc9118195af9994a34f46a90e3e9f9ed7814ab5e4898c9e0b3ff412

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2024 09:39:21 GMT
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="ALL ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
access-control-allow-origin
cache-control: must-revalidate, max-age=86400
accept-ranges: bytes
content-length: 2654

GET
H2 200 style.raw.css
www.northstarbets.ca/no_brand_candy-theme/css/ 277 KB
51 KB 40ms
36ms Stylesheet
text/css 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/css/style.raw.css?t=1712738336
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 314720b22487f8748290ad00ab188592017fff33abeee91b70c9ba2810bbf969

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:56 GMT
server: server
etag: W/"66165020-45274"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000
content-length: 52236
expires: Sat, 20 Jul 2024 20:49:12 GMT

GET
H2 200 bundle.css
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 167 KB
37 KB 65ms
61ms Stylesheet
text/css 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.css?t=1712738338
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: c65534c9454f20d85e367a8d5a1b2eacbaddfe61e8494c63603850634e50449e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:58 GMT
server: server
etag: W/"66165022-29d19"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000
content-length: 37168
expires: Sat, 20 Jul 2024 20:49:12 GMT

GET
H2 200 custom-variables.css
www.northstarbets.ca/no_brand_candy-theme/css/ 6 KB
2 KB 77ms
73ms Stylesheet
text/css 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/css/custom-variables.css?t=1718374141859
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 3ae34a90f7e51165d9eb3056e09cc2ad4e139c91b679435d65dfb584ae9a1110

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
etag: W/"666c4efd-1960"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000
content-length: 1695
expires: Sat, 20 Jul 2024 20:49:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 156ms
56ms Stylesheet
text/css 173.194.66.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f95.1e100.net

Software

ESF /

Resource Hash

bbdb8ed22c841766c16fe619697ff50736d4a66cef5729d874caa98a0131151a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 10:46:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jun 2024 10:49:12 GMT

GET
H2 200 node-modules~bundle~wrapper.js Show response
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 526 KB
159 KB 93ms
90ms Script
application/javascript 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/node-modules~bundle~wrapper.js?t=1712738334
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 2e5a796859a239184abc9058b03d2b3f367fef4a8321d64b32d316893ad6e31c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:54 GMT
server: server
etag: "6616501e-837ac"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2628000
accept-ranges: bytes
content-length: 162184
expires: Sat, 20 Jul 2024 20:49:12 GMT

GET
H2 200 node-modules~bundle.js Show response
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 125 KB
43 KB 77ms
74ms Script
application/javascript 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/node-modules~bundle.js?t=1712738334
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 8d7cf13359f90a2fbe0a7a77d57f9c1d5eed6b82cd1531643aa2fab5c2354bd8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:54 GMT
server: server
etag: "6616501e-1f4bd"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2628000
accept-ranges: bytes
content-length: 43731
expires: Sat, 20 Jul 2024 20:49:12 GMT

GET
H2 200 bundle.js Show response
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 1 MB
319 KB 83ms
81ms Script
application/javascript 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: ceb8cd7e7af4e6f42ecf0d6f16852edab0bb656c31b30acb603d18ae2795963e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:54 GMT
server: server
etag: "6616501e-15f7d4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2628000
accept-ranges: bytes
content-length: 326360
expires: Sat, 20 Jul 2024 20:49:12 GMT

GET
H2 200 main.css
www.northstarbets.ca/library/digitalbeat/ 24 KB
6 KB 91ms
89ms Stylesheet
text/css 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/library/digitalbeat/main.css
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 2744d87f1b24782297feeef38cdb47a0fbaa5e756b2b55df817cf2ea9b798ab3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Tue, 11 Jun 2024 09:09:55 GMT
server: server
etag: W/"66681463-608e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
content-length: 5574
expires: Thu, 20 Jun 2024 11:49:12 GMT

GET
H2 200 translations.css
www.northstarbets.ca/library/digitalbeat/ 727 B
470 B 105ms
103ms Stylesheet
text/css 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/library/digitalbeat/translations.css
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 8e5971f6c8dada92265ed3fa9e757df7d77d4141879da6c99dc6c772eef39952

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 08 May 2024 14:41:58 GMT
server: server
etag: W/"663b8f36-2d7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
content-length: 276
expires: Thu, 20 Jun 2024 11:49:12 GMT

GET
H2 200 domain-styles.css
www.northstarbets.ca/library/digitalbeat/ 2 KB
867 B 105ms
104ms Stylesheet
text/css 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/library/digitalbeat/domain-styles.css
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 35c52b15ece5512d8ba82ff6f5be8ab2542e50b09efadffe1a064d55e3f75de0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Tue, 11 Jun 2024 08:55:52 GMT
server: server
etag: W/"66681118-6eb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3600
content-length: 673
expires: Thu, 20 Jun 2024 11:49:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 425 KB
124 KB 178ms
87ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4881336c8585e954a456070a19ae6ac02c372b8032d823304349a5197a828422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126292
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 10:49:12 GMT

GET
H2 200 ai.2.min.js Show response
js.monitor.azure.com/scripts/b/ 120 KB
57 KB 191ms
50ms Script
text/javascript 13.107.246.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Origin: https://www.northstarbets.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: br
last-modified: Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver: 2.8.18
vary: Accept-Encoding
x-azure-ref: 20240620T104912Z-155bd6cbdddpdprxv2nfr3c80w0000000450000000006pp9
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1c67fd0d-201e-0016-2b5e-ba73d1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid: 0

GET
H2 200 css
fonts.googleapis.com/ 4 KB
599 B 85ms
83ms Stylesheet
text/css 173.194.66.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap:400,500,700&display=swap

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.css?t=1712738338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.66.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f95.1e100.net

Software

ESF /

Resource Hash

6d54c596cfb6f657512e8d9c5ef5e8d5280361489a1b508db1c7a1c6b598db1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 10:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jun 2024 10:49:12 GMT

GET
H2 200 NSG-Logo-NSB-KO1-cropped-2.svg
www.northstarbets.ca/library/Logos/ 5 KB
2 KB 35ms
35ms Image
image/svg+xml 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Logos/NSG-Logo-NSB-KO1-cropped-2.svg?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 8dfd11bea85d0114b1e5c8f8b0a927a06b508422c12b2a811c7c395c0e5ffeb2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Mon, 25 Mar 2024 08:07:02 GMT
server: server
etag: W/"660130a6-1444"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
content-length: 2174
expires: Thu, 27 Jun 2024 10:49:12 GMT

GET
H2 200 maintenance Show response
www.northstarbets.ca/initialResources/ 189 B
369 B 381ms
381ms Fetch
application/json 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/initialResources/maintenance?t=1718374141863
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 7b31da0c467bd24db3163b9ae63f8037406e56fc2935b3a1d3d2260afa342425

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: gzip
akamai-cache-status: RefreshHit from child, Miss from parent
last-modified: Fri, 14 Jun 2024 14:09:02 GMT
server: server
etag: "666c4efe-bd"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
accept-ranges: bytes
content-length: 151
expires: Thu, 20 Jun 2024 10:49:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 139ms
44ms Script
text/javascript 209.85.144.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 09:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3664
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 20 Jun 2024 11:48:08 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 158ms
49ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 20 Jun 2024 10:49:12 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 27DC948ED4D8462386A1ED8D9741CB55 Ref B: YTO01EDGE0518 Ref C: 2024-06-20T10:49:12Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 54ms
53ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11795055&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

37bdd1507f434059d2e5cb8440e469ab3e703d2721f8b815cc9a11de36ed5488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75825
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 10:49:12 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 127ms
38ms Script
application/javascript 23.218.218.191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.191 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:47:26 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=35592
accept-ranges: bytes
content-length: 14004

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 124ms
48ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 10:49:12 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2783, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: nl07rhpw2hFEgdbviNf6fVXMB0M8qLE5MAEpvrq+eDsLLjYt8DYrypoGDOjWYFzkWWjqpgFaNNJdq39DB99Mig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 60ms
60ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-14111480&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ac64dac721fe508b68899aaca287bbc14232639deed7d17817c9bfb6d210e857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75820
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 10:49:12 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 18 KB
18 KB 64ms
19ms Script
text/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:00:13 GMT
age: 2939
x-guploader-uploadid: ACJd0NqBb2jM3dBhGiQJ7-FYUvkjT49IPJHZPA1tNTA0go5p9yYZJyyXXZkq_i5vAhY0XSinhxHylJVK6w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17985
last-modified: Tue, 14 May 2024 14:35:47 GMT
server: UploadServer
etag: "d7cac522641241ca4e9ceac4f1b458e8"
x-goog-generation: 1715697347359123
x-goog-hash: crc32c=Q65p8w==, md5=18rFImQSQcpOnOrE8bRY6A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 17985
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 20 Jun 2024 11:00:13 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/container/25428;130114;14307;iframe/ Frame B7E2 0
0 117ms
41ms Document
text/html 23.204.206.249
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/container/25428;130114;14307;iframe/?ftXRef=[%INSERT_TRANSACTION_ID_HERE%]&ftXValue=[%INSERT_TRANSACTION_VALUE_HERE%]&ftXType=[%INSERT_TRANSACTION_TYPE_HERE%]&ftXName=[%INSERT_TRANSACTION_NAME_HERE%]&ftXNumItems=[%INSERT_TRANSACTION_QUANTITY_HERE%]&ftXCurrency=[%INSERT_TRANSACTION_CURRENCY_HERE%]&U1=[%INSERT_U1_HERE%]&U2=[%INSERT_U2_HERE%]&U3=[%INSERT_U3_HERE%]&U4=[%INSERT_U4_HERE%]&U5=[%INSERT_U5_HERE%]&U6=[%INSERT_U6_HERE%]&U7=[%INSERT_U7_HERE%]&U8=[%INSERT_U8_HERE%]&U9=[%INSERT_U9_HERE%]&U10=[%INSERT_U10_HERE%]&U11=[%INSERT_U11_HERE%]&U12=[%INSERT_U12_HERE%]&U13=[%INSERT_U13_HERE%]&U14=[%INSERT_U14_HERE%]&U15=[%INSERT_U15_HERE%]&U16=[%INSERT_U16_HERE%]&U17=[%INSERT_U17_HERE%]&U18=[%INSERT_U18_HERE%]&U19=[%INSERT_U19_HERE%]&U20=[%INSERT_U20_HERE%]&ft_referrer=https%3A//www.northstarbets.ca/responsible-gambling&ns=&cb=691596.3228834472

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.204.206.249 , United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-204-206-249.deploy.static.akamaitechnologies.com

Software

prod-xre-app3.ash11 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Allow-Fenced-Frame-Automatic-Beacons: true
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1299
Content-Type: text/html
Date: Thu, 20 Jun 2024 10:49:12 GMT
Expires: Thu, 20 Jun 2024 10:49:12 GMT
Pragma: no-cache
Server: prod-xre-app3.ash11
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding

GET
H2 200 2get_northstarbets_ca.js Show response
scripts.prdredir.com/scripts/ 0
180 B 113ms
63ms Script
text/javascript 104.18.31.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.prdredir.com/scripts/2get_northstarbets_ca.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.010355
date: Thu, 20 Jun 2024 10:49:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 896b30df7d05ab60-YYZ
content-length: 0
x-request-id: 070c78ae-6d99-491f-be56-7920a768e8be

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 120ms
37ms Script
application/x-javascript 18.67.60.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-572XNRB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.60.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-60-119.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 19 Jun 2024 20:46:01 GMT
Content-Encoding: gzip
Via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P1
Age: 50592
x-amz-server-side-encryption: AES256
ETag: W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 1berSeQvf0CHshfcQW---B8pGCOypWenifX6B7hnhIhcotvh5UqhKQ==

GET
H2

200

activityi;dc_pre=COrJsIaB6oYDFcbh_QUdjTsA9Q;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0....
11795055.fls.doubleclick.net/ Frame A17A
Redirect Chain

https://11795055.fls.doubleclick.net/activityi;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8...
https://11795055.fls.doubleclick.net/activityi;dc_pre=COrJsIaB6oYDFcbh_QUdjTsA9Q;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x8...

0
0

106ms
104ms

Document
text/html

172.217.222.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11795055.fls.doubleclick.net/activityi;dc_pre=COrJsIaB6oYDFcbh_QUdjTsA9Q;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11795055&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 1937
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 10:49:13 GMT
expires: Thu, 20 Jun 2024 10:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 10:49:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11795055.fls.doubleclick.net/activityi;dc_pre=COrJsIaB6oYDFcbh_QUdjTsA9Q;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CMTMsIaB6oYDFcHUuAgdd4EAtA;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)...
11795055.fls.doubleclick.net/ Frame 189A
Redirect Chain

https://11795055.fls.doubleclick.net/activityi;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252...
https://11795055.fls.doubleclick.net/activityi;dc_pre=CMTMsIaB6oYDFcHUuAgdd4EAtA;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=972...

0
0

420ms
420ms

Document
text/html

172.217.222.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11795055.fls.doubleclick.net/activityi;dc_pre=CMTMsIaB6oYDFcHUuAgdd4EAtA;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11795055&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 10:49:13 GMT
expires: Thu, 20 Jun 2024 10:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 10:49:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11795055.fls.doubleclick.net/activityi;dc_pre=CMTMsIaB6oYDFcHUuAgdd4EAtA;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromiu...
ad.doubleclick.net/ 0
24 B 460ms
413ms Image
image/png 173.194.204.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11795055;type=north0;cat=north006;ord=921690733909;npa=0;auiddc=215708852.1718880553;ps=1;pcor=1361318478;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9577858209856178201"}],"aggregatable_trigger_data":[{"filters":[{"14":["12649157"]}],"key_piece":"0xdc95a11c64e93b78","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x9f84ac295d8758c8","not_filters":{"14":["12649157"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"12909511766840056767","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9577858209856178201","filters":[{"14":["12649157"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9577858209856178201","filters":[{"14":["12649157"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9577858209856178201","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9577858209856178201","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11795055"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;register_conversion=1;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0...
ad.doubleclick.net/ 0
24 B 461ms
414ms Image
image/png 173.194.204.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11795055;type=north0;cat=north01f;ord=6028203450210;npa=0;auiddc=215708852.1718880553;u3=undefined;ps=1;pcor=97228080;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2823280575554390954"}],"aggregatable_trigger_data":[{"filters":[{"14":["102322384"]}],"key_piece":"0x68c260ebc281899a","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x68fb43bea3ff72c6","not_filters":{"14":["102322384"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"9602475084298588928","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2823280575554390954","filters":[{"14":["102322384"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2823280575554390954","filters":[{"14":["102322384"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2823280575554390954","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2823280575554390954","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11795055"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CIrasoaB6oYDFfTl_QUdyFQLvA;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0....
14111480.fls.doubleclick.net/ Frame 4C61
Redirect Chain

https://14111480.fls.doubleclick.net/activityi;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0...
https://14111480.fls.doubleclick.net/activityi;dc_pre=CIrasoaB6oYDFfTl_QUdyFQLvA;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;...

0
0

104ms
103ms

Document
text/html

172.217.222.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://14111480.fls.doubleclick.net/activityi;dc_pre=CIrasoaB6oYDFfTl_QUdyFQLvA;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-14111480&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 423
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 10:49:13 GMT
expires: Thu, 20 Jun 2024 10:49:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 10:49:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://14111480.fls.doubleclick.net/activityi;dc_pre=CIrasoaB6oYDFfTl_QUdyFQLvA;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%...
ad.doubleclick.net/ 0
24 B 423ms
413ms Image
image/png 173.194.204.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=14111480;type=pagev0;cat=north0;ord=4704606000965;npa=0;auiddc=215708852.1718880553;ps=1;pcor=212758912;uaa=x86;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114;uamb=0;uam=;uap=Win32;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe46h0z8859037176za201zb859037176;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling?

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.204.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qb-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"5609538341158698328"}],"aggregatable_trigger_data":[{"filters":[{"14":["57171918"]}],"key_piece":"0x1ac0506b214574fb","source_keys":["12","13","14","15","16","17","18","19","20","21","15693604","15693605","15693606","15693607","15696864","15696865","15696866","15696867","628804584","628804585","628804586","628804587","628856748","628856749","628856750","628856751"]},{"key_piece":"0xcefae70c79d5491a","not_filters":{"14":["57171918"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","15693604","15693605","15693606","15693607","15696864","15696865","15696866","15696867","628804584","628804585","628804586","628804587","628856748","628856749","628856750","628856751"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"15693604":655,"15693605":655,"15693606":655,"15693607":63569,"15696864":163,"15696865":163,"15696866":163,"15696867":15892,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628804584":65,"628804585":65,"628804586":65,"628804587":6356,"628856748":65,"628856749":65,"628856750":65,"628856751":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"16275417415862657693","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"5609538341158698328","filters":[{"14":["57171918"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"5609538341158698328","filters":[{"14":["57171918"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"5609538341158698328","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"5609538341158698328","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["14111480"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
attribution-reporting-info: preferred-platform=os
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 110ms
47ms Preflight
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.northstarbets.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 10:49:13 GMT
function-execution-id: vtev7reezhmy
server: Google Frontend
x-cloud-trace-context: 76431f2e8a22ae127b77242c01da13e5

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
121 B 89ms
89ms Fetch
text/html 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.northstarbets.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 7137c48fab23990a7200df171ec1c3a6
cache-control: private
function-execution-id: f06oikvbiifb
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
488 B 173ms
95ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://www.northstarbets.ca/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E3EC161469EE44BCBB0766DF59FFB246 Ref B: YTO01EDGE0721 Ref C: 2024-06-20T10:49:13Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://www.northstarbets.ca
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbUBDHi4dCv7fVsbBekw==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
762 B 275ms
198ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0EBDD021759D493D900CA1802D4F9366 Ref B: YTO01EDGE0507 Ref C: 2024-06-20T10:49:13Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYbUBDH6AIhmub8X1/92Q==
x-fs-uuid: 00061b5010c7e802219ae6fc5f5ffdd9

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4684708%26time%3D1718880552991%26url%3Dhttps%253A%252F%252Fwww.northstarbets.ca%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2&cookiesTest=true&liSync=true

0
384 B

85ms
84ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2&cookiesTest=true&liSync=true
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 10:49:12 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 66A3D821DEFC4B98B97ECF805A2F121B Ref B: YTO01EDGE0721 Ref C: 2024-06-20T10:49:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbUBDLStSU4jegiJrQkg==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Thu, 20 Jun 2024 10:49:12 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYbUBDJ6VGm9oHtl29mug==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CC377907B2CB48A189D16FCB6A35E083 Ref B: YTO01EDGE0721 Ref C: 2024-06-20T10:49:13Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4684708&time=1718880552991&url=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&tm=gtmv2&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
224 B 46ms
45ms XHR
text/plain 209.85.144.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1546841334&t=pageview&_s=1&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&ul=en-ca&de=UTF-8&dt=NorthStar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=836197329&gjid=1941770044&cid=752616381.1718880553&tid=UA-221794823-1&_gid=198902447.1718880553&_r=1&_slc=1&gtm=45He46h0n81572XNRBv859037176za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=196729355

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

27dbfec746a0b2440ba1a5c55ac536b801910735cfad0f9b3960aebfd53fca9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 10:49:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.northstarbets.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
80 B 45ms
45ms XHR
text/plain 209.85.144.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1546841334&t=pageview&_s=1&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&dp=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling%23&ul=en-ca&de=UTF-8&dt=NorthStar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=50937763&gjid=1536040128&cid=752616381.1718880553&tid=UA-227645289-1&_gid=198902447.1718880553&_r=1&_slc=1&gtm=45He46h0n81572XNRBv859037176za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=852138621

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

1ca0581b2dee03940abc2e765efbd4b0f46136756dae88b52fc14f10ce121b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 10:49:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.northstarbets.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187014509.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 50ms
50ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187014509.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c0e6c99ba8dc040ce0d3b72d0b3e60c70834267b03ba4f6fba23a37ae8757daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 20 Jun 2024 10:49:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AAA340004F2D4680BF2C82CB60AA49C3 Ref B: YTO01EDGE0518 Ref C: 2024-06-20T10:49:13Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
360 B 62ms
61ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187014509&Ver=2&mid=e15dc5c4-47ce-4d9d-8d02-232e048392b3&sid=bb3d1ee02ef211efbd8335e1fd5ce844&vid=bb3d4db02ef211ef89bfbd552d3ccd98&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=NorthStar&p=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&r=&lt=844&evt=pageLoad&sv=1&rn=652660

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 10:49:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F91607E50404A13A4D34DB6C7761B05 Ref B: YTO01EDGE0518 Ref C: 2024-06-20T10:49:13Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 746646916327970 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 43ms
42ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/746646916327970?v=2.9.158&r=stable&domain=www.northstarbets.ca&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

0918a0aee7cfa3281a9093569456573dbf1c4519962a04cb017c2606ae7b79b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 10:49:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12402
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=61, mss=1380, tbw=63539, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: +DBn49XCVv1rN3wFDmXRYzlP1dxGJ+tJ4lTRlwulvQS0WBtrNe4cNVnaAvfNhtNsXeoCy+gtKUBKEB5EP5KXIg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 55ms
55ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1RJN3Q0WZQ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a75d3b1b520eeed6a78e40cfa367deb903cc0dd8eacddddf2a234c7202de5956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93772
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jun 2024 10:49:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
94 KB 59ms
59ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G2RSGSXYRF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

9d91a0573b014fa97931834fb3251b5688d6353117b49d768296e748725ca745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96449
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jun 2024 10:49:13 GMT

GET
H2 200 187014509 Show response
www.clarity.ms/tag/uet/ 866 B
1 KB 177ms
71ms Script
application/x-javascript 13.107.246.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187014509
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187014509.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e52f3b490c05c06ce3ec7d54055a006033c4c220ecb44f67f8644a11c8e0a2b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Thu, 20 Jun 2024 10:49:13 GMT
x-azure-ref: 20240620T104913Z-155bd6cbdddfw92qcs0z6f4hws0000000b40000000003xnh
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 866
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 1010268390384054 Show response
connect.facebook.net/signals/config/ 22 KB
3 KB 37ms
37ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1010268390384054?v=2.9.158&r=stable&domain=www.northstarbets.ca&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

6ad69efe2dbcda20b7287469d38ac3bf3089b681ed567f73874aa279c0f497e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 10:49:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2822
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=23, mss=1232, tbw=4330, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: +WkVnDAtETqJFy7uxhNVkoPKGaqL3BnmNk6p+17e1SrNEaTPUoQOIxZiDr4a4Qt2XBnz5iaORZ+j2qhCt6LiPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 113ms
37ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=746646916327970&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&rl=&if=false&ts=1718880553083&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&it=1718880553023&coo=false&tm=1&rqm=GET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2835, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 10:49:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 138ms
62ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=746646916327970&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&rl=&if=false&ts=1718880553083&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&it=1718880553023&coo=false&tm=1&rqm=FGET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4d3a4e2f01bf333a","source_keys":["1","2"]},{"key_piece":"0x30fd85b04c676de0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 10:49:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382535762154996061", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=19, mss=1380, tbw=3380, tp=-1, tpl=-1, uplat=26, ullat=0
pragma: no-cache
x-fb-debug: 5HJEOJfEwNO7Co9FJlyrywK+1e6FtCeq0dwa3mlzQ4OgYwNLisD4w/7l+Dn92+Ccy+OzdY03AX9EyalgW0mrxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382535762154996061"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 desktop Show response
www.northstarbets.ca/initialResources/tags/ 45 KB
11 KB 1252ms
1251ms Fetch
application/json 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/initialResources/tags/desktop?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 53f54760d397f16a45a54e3f5875403fcafc0f2370b6249a12afd44b8871d4ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-dba2788fda0349b9-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.dba2788fda0349b9
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Fri, 14 Jun 2024 14:09:02 GMT
server: server
etag: W/"666c4efe-b55a"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
content-length: 11137
expires: Thu, 20 Jun 2024 10:49:14 GMT

GET
H2 200 integration.js.php Show response
login.northstarbets.ca/jswrapper/ 1 KB
1 KB 140ms
64ms Script
application/javascript 172.64.151.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.northstarbets.ca/jswrapper/integration.js.php?min=1&staticjs=1&casino=northstarbets.ca&onStaticLoad=iapiOnPASLoad

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c21c79a4d61a638b2b1663e8717c39d6f16c55baa66688909f821cb30be5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript
cache-control: private,no-transform,max-age=600
cf-ray: 896b30e1ae78ab21-YYZ
content-length: 606

GET
H/1.1 200
OK / Show response
oapi-cur.techonlinecorp.com/socket.io/1/ 72 B
339 B 96ms
28ms XHR
text/plain 213.187.229.147
PTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://oapi-cur.techonlinecorp.com/socket.io/1/?t=1718880553133

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.187.229.147 , Canada, ASN43937 (PTNET, EE),

Reverse DNS

Software

Resource Hash

c836e18bc6613dafb6f3c5e0e6980f5ac4076ab6bc2fbca94fd9a171cc459489

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.northstarbets.ca
Strict-Transport-Security: max-age=16070400; includeSubDomains
access-control-allow-credentials: true
connection: keep-alive
content-length: 72
content-type: text/plain; charset=UTF-8

GET
H2 200 en_US_desktop Show response
www.northstarbets.ca/initialResources/menu/ 360 KB
13 KB 944ms
944ms Fetch
application/json 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/initialResources/menu/en_US_desktop?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: b7730a5d79d0b1b6b544882d08a5db1f0b63dabbee95b10adbc54f00dc9ebd6f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-11279094818545ee-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.11279094818545ee
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Fri, 14 Jun 2024 14:09:02 GMT
server: server
etag: W/"666c4efe-5a03a"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
content-length: 13103
expires: Thu, 20 Jun 2024 10:49:14 GMT

GET
H2 200 en_US Show response
www.northstarbets.ca/initialResources/games/ 2 MB
80 KB 937ms
937ms Fetch
application/json 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/initialResources/games/en_US?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 6617eaef82facac92dc72dde21b98b7980c8bc167b723a00933ba4c6352f9308

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-130805be32754912-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.130805be32754912
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Fri, 14 Jun 2024 14:09:02 GMT
server: server
etag: W/"666c4efe-274ed8"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
content-length: 81484
expires: Thu, 20 Jun 2024 10:49:14 GMT

GET
H2 200 en_US_desktop Show response
www.northstarbets.ca/initialResources/ 665 KB
112 KB 895ms
894ms Fetch
application/json 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/initialResources/en_US_desktop?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 29d27ed3cc9184b35e30e41a3e1749438aa559609911f12e76181253ede1dff7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-a2d3d748574e4ca2-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.a2d3d748574e4ca2
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Fri, 14 Jun 2024 14:09:00 GMT
server: server
etag: W/"666c4efc-a6337"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
content-length: 114775
expires: Thu, 20 Jun 2024 10:49:14 GMT

GET
H3 200 2384707198399978 Show response
connect.facebook.net/signals/config/ 29 KB
6 KB 38ms
37ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2384707198399978?v=2.9.158&r=stable&domain=www.northstarbets.ca&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

79571392e20d924510096f043ac66df91cc2fa609ceb3ae99cfd533b0d410fe4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 10:49:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=27, mss=1232, tbw=9690, tp=16, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: Sy3JkYa+qdIQhE5mKDfUykcBhvsSS+JEHxJADXomUhGo1b6YhrDb11DTvoj6ujNm+ZTiRuEW8bDWQ+zTDzFp5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 47ms
38ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=746646916327970&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&rl=&if=false&ts=1718880553149&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&it=1718880553023&coo=false&rqm=GET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2835, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 10:49:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1021 B 74ms
65ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=746646916327970&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&rl=&if=false&ts=1718880553149&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&it=1718880553023&coo=false&rqm=FGET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4d3a4e2f01bf333a","source_keys":["1","2"]},{"key_piece":"0x30fd85b04c676de0","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 10:49:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382535762371834655", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=19, mss=1380, tbw=7091, tp=-1, tpl=-1, uplat=29, ullat=0
pragma: no-cache
x-fb-debug: XcREk2PK3/perG/Ncdztnj8i5x0k5hU+BvYbq+mc5QUoEMiZlYhTHk7uZNFhB+EV1BgcP27R/OaVHua6o6Nzzw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382535762371834655"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 37ms
36ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1010268390384054&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&rl=&if=false&ts=1718880553150&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&it=1718880553023&coo=false&rqm=GET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=3233, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 10:49:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 69ms
68ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1010268390384054&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&rl=&if=false&ts=1718880553150&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&it=1718880553023&coo=false&rqm=FGET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4356620611e9daf5","source_keys":["1","2"]},{"key_piece":"0xc6497fbee170ea46","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 10:49:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382535762804314633", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=19, mss=1380, tbw=8134, tp=-1, tpl=-1, uplat=32, ullat=0
pragma: no-cache
x-fb-debug: vLji2doW5qXVfSwl1S+2YfbM5qZKxE7R2laR5IB6I2Vzqk4Zhqn0eUbL2iy3n/1eoKkDYU8dsScWbEVQnvHxrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382535762804314633"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 39ms
36ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2384707198399978&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca&rl=&if=false&ts=1718880553196&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&pm=1&hrl=2db4b2&it=1718880553023&coo=false&cs_cc=1&rqm=GET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=19, mss=1380, tbw=9423, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 10:49:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 60ms
59ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2384707198399978&ev=PageView&dl=https%3A%2F%2Fwww.northstarbets.ca&rl=&if=false&ts=1718880553196&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718880553082.36064075515869517&ler=empty&cdl=API_unavailable&pm=1&hrl=2db4b2&it=1718880553023&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x722ed3d8fdd276f9","source_keys":["1","2"]},{"key_piece":"0x9b9b7037157958ad","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 10:49:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382535762715420651", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=19, mss=1380, tbw=9569, tp=-1, tpl=-1, uplat=23, ullat=0
pragma: no-cache
x-fb-debug: jAFI3SBmFg28oEjcvldTvgavnrPM1478SV2+/grTFImA9hMn4bZqkZl2zl66ec+K3Cip2VieM2bzSememOy9nw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382535762715420651"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 46ms
45ms Fetch
text/plain 209.85.144.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1RJN3Q0WZQ&gtm=45je46h0v9136660775za200&_p=1718880552355&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=752616381.1718880553&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&dt=NorthStar&sid=1718880553&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1407&_z=fetch
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.85.144.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qv-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 10:49:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.northstarbets.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 46ms
45ms Fetch
text/plain 209.85.144.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-G2RSGSXYRF&gtm=45je46h0v9165134380za200&_p=1718880552355&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=752616381.1718880553&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&dp=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling%23&dt=NorthStar&sid=1718880553&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1444&_z=fetch
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 209.85.144.100 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qv-in-f100.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 10:49:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.northstarbets.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 50ms
49ms Script
application/javascript 13.107.246.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187014509
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.246.38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240620T104913Z-155bd6cbdddfw92qcs0z6f4hws0000000b40000000003xnp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 35eee430-101e-0028-3d64-ba4f73000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 staticintegration.js.php Show response
login.northstarbets.ca/jswrapper/ 45 KB
12 KB 42ms
42ms Script
application/javascript 172.64.151.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.northstarbets.ca/jswrapper/staticintegration.js.php?ver=54bd6b749a4d46bad89699c860950967295dfb4d:&min=1

Requested by

Host: login.northstarbets.ca
URL: https://login.northstarbets.ca/jswrapper/integration.js.php?min=1&staticjs=1&casino=northstarbets.ca&onStaticLoad=iapiOnPASLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3de59af70221edd70991cba69fce45b7c5701aebbd294e755c408517f22ccb59

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
content-language: en-US
cache-control: public, max-age=604800, immutable
cf-ray: 896b30e23ecbab21-YYZ

GET
H2 200 dacs.js Show response
login.northstarbets.ca/jswrapper/ 9 KB
4 KB 45ms
44ms Script
application/javascript 172.64.151.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.northstarbets.ca/jswrapper/dacs.js?v=3

Requested by

Host: login.northstarbets.ca
URL: https://login.northstarbets.ca/jswrapper/staticintegration.js.php?ver=54bd6b749a4d46bad89699c860950967295dfb4d:&min=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9acce1202062518523f1976a37510b6fcb7beb5a6b68205032e14b971a3a0e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript
cache-control: private, max-age=604800, immutable
cf-ray: 896b30e28f01ab21-YYZ
content-length: 3552

GET
H2 200 clientHintHeaders.js Show response
login.northstarbets.ca/jswrapper/ 2 KB
732 B 66ms
65ms Script
application/javascript 172.64.151.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.northstarbets.ca/jswrapper/clientHintHeaders.js?v=3

Requested by

Host: login.northstarbets.ca
URL: https://login.northstarbets.ca/jswrapper/staticintegration.js.php?ver=54bd6b749a4d46bad89699c860950967295dfb4d:&min=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript
cache-control: private, max-age=604800, immutable
cf-ray: 896b30e28f04ab21-YYZ
content-length: 671

GET
H2 200 pasSetupPage.php Show response
login.northstarbets.ca/ Frame 7BA6 15 KB
4 KB 48ms
47ms Document
text/html 172.64.151.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.northstarbets.ca/pasSetupPage.php?casino=northstarbets.ca

Requested by

Host: login.northstarbets.ca
URL: https://login.northstarbets.ca/jswrapper/staticintegration.js.php?ver=54bd6b749a4d46bad89699c860950967295dfb4d:&min=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.151.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

888712ed47541355b228a62b0145cee74738249326775661cd879370e7dea7c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0, private
cf-cache-status: DYNAMIC
cf-ray: 896b30e2ff57ab21-YYZ
content-encoding: gzip
content-language: en-US
content-type: text/html
date: Thu, 20 Jun 2024 10:49:13 GMT
server: cloudflare
strict-transport-security: max-age=16070400; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
284 B 122ms
47ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.northstarbets.ca
Date: Thu, 20 Jun 2024 10:49:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2

200

main.js Show response
login.northstarbets.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame E1AA
Redirect Chain

https://login.northstarbets.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://login.northstarbets.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

31ms
31ms

Script
application/javascript

172.64.151.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.northstarbets.ca/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Server

172.64.151.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80a137091d8e5db2cfd753a09852f1097e2fe278a7721d7115229d1004d98492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
cache-control: max-age=14400, public
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
cf-ray: 896b30e40ff1ab21-YYZ
content-type: application/javascript; charset=UTF-8

Redirect headers

location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin: *
date: Thu, 20 Jun 2024 10:49:13 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 896b30e3cfcbab21-YYZ
content-length: 0

POST
H2 200 896b30e2ff57ab21 Show response
login.northstarbets.ca/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame E1AA 0
365 B 54ms
53ms XHR
text/plain 172.64.151.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.northstarbets.ca/cdn-cgi/challenge-platform/h/g/jsd/r/896b30e2ff57ab21
Requested by: Host: login.northstarbets.ca
URL: https://login.northstarbets.ca/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jun 2024 10:49:13 GMT
server: cloudflare
cf-ray: 896b30e4d84eab21-YYZ
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 forms Show response
www.northstarbets.ca/initialResources/ 449 KB
61 KB 397ms
396ms Fetch
application/json 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/initialResources/forms?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 0e11826b2c561dae6c77a81397f40deb0b23ad96714ba91c79209c89483fe546

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-f3297c628d24474d-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.f3297c628d24474d
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
etag: W/"666c4efd-702a2"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
content-length: 61778
expires: Thu, 20 Jun 2024 10:49:14 GMT

GET
H2 200 en_US_COOKIE_WC Show response
www.northstarbets.ca/webContent/ 359 B
480 B 36ms
35ms Fetch
text/html 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/webContent/en_US_COOKIE_WC?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 6987dec7a8fd30ac0d3da244cb9c4ed1726c8879dea05ab76ad0d2f725bac408

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-6a7930861de34b31-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.6a7930861de34b31
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
etag: W/"666c4efd-167"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2628000
x-robots-tag: noindex
content-length: 255
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 138ms
43ms Font
font/woff2 209.85.144.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.94 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.northstarbets.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 19:08:24 GMT
x-content-type-options: nosniff
age: 56450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 19:08:24 GMT

GET
H/1.1 200
OK new_jackpotxml.php Show response
webtickers.malmegas.com/jackpots/ 9 KB
1 KB 446ms
146ms Fetch
application/xml 213.187.226.60
PTNET

General

Check archive.org

Show headers Download Go to

Full URL

https://webtickers.malmegas.com/jackpots/new_jackpotxml.php?info=2&casino=northstarbets.ca&currency=CAD

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

213.187.226.60 , Malta, ASN43937 (PTNET, EE),

Reverse DNS

Software

Resource Hash

323ae546ff50f3c0d4c98e3e1f05cb98887c9a7cfd7bd30b25d0807ba9718239

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Encoding: gzip
Date: Thu, 20 Jun 2024 10:49:14 GMT
Age: 250
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=298
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1004

GET
H2 200 en_US_desktop_GUEST Show response
www.northstarbets.ca/pageInfo/responsible-gambling/ 2 KB
988 B 405ms
404ms Fetch
application/json 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/pageInfo/responsible-gambling/en_US_desktop_GUEST?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 75c672cdebb085a3e48b61b341b009c1253bccf196dcb46fa332871e826c5960

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-e9bf188385724c19-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.e9bf188385724c19
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Miss from child, RefreshHit from parent
last-modified: Fri, 14 Jun 2024 14:09:00 GMT
server: server
etag: W/"666c4efc-65a"
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache
content-length: 774
expires: Thu, 20 Jun 2024 10:49:14 GMT

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
284 B 65ms
64ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.northstarbets.ca/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.northstarbets.ca
Date: Thu, 20 Jun 2024 10:49:14 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 en_US_RESPONSIBLEGAMING Show response
www.northstarbets.ca/webContent/ 9 KB
4 KB 122ms
122ms Fetch
text/html 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/webContent/en_US_RESPONSIBLEGAMING?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 28dc851a49a5885ab05a887052f119437d3313a0ec3070ae2ab2f5bfb42735fb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-0331570ea69d47c6-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.0331570ea69d47c6
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
etag: W/"666c4efd-2251"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2628000
x-robots-tag: noindex
content-length: 3675
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H2 200 en_US_HEADER Show response
www.northstarbets.ca/webContent/ 9 KB
3 KB 36ms
35ms Fetch
text/html 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/webContent/en_US_HEADER?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 37e938b3cfd3719f203d8f232c3e345cea3285f504e848efef1083d2a35cb139

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-12070d9a14174b27-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.12070d9a14174b27
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
etag: W/"666c4efd-2542"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2628000
x-robots-tag: noindex
content-length: 2450
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H2 200 en_US_FOOTER-CUSTOM Show response
www.northstarbets.ca/webContent/ 25 KB
5 KB 38ms
38ms Fetch
text/html 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/webContent/en_US_FOOTER-CUSTOM?t=1718374141863
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: deb541d065020ff841077eb04269d5b9988d1a2ba91b67ccb8eded1a80b88a82

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
traceparent: 00-5db6915062a04cb79bd63140f2e488aa-afd45501b6e0480e-01
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://www.northstarbets.ca/responsible-gambling
request-id: |5db6915062a04cb79bd63140f2e488aa.afd45501b6e0480e
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
etag: W/"666c4efd-64f2"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=2628000
x-robots-tag: noindex
content-length: 5340
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H/1.1 200
OK sdk.js Show response
cdn.us.webpu.sh/Whtrr1lxhwF44v7gDdTl2dwXeEcro0EI/ 179 KB
39 KB 173ms
85ms Script
text/javascript 54.221.249.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.us.webpu.sh/Whtrr1lxhwF44v7gDdTl2dwXeEcro0EI/sdk.js

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.249.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-249-152.compute-1.amazonaws.com

Software

Resource Hash

d5b3df269e03a914f6be36fb5cfc5e0a8e8dfd91b91290ffc1625de4452bf14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 10:49:14 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 29 Apr 2024 15:57:16 GMT
x-amz-request-id: AJ34SCR08AJWKG5S
ETag: W/"0959aa75fb0164bd7d8657bc19dc19d7"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Connection: keep-alive
x-amz-id-2: BPxX6MhXwflhMMN/R3bNlgn6KkgO1TKYnB2hzBnnriRHGQvxqDxIGqAQz6pIWh8KNMbyVeun+mM=

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 81ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=571772db-59b3-42ff-9c59-317894562e91

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1XEFSGR91PCDXE6F
age: 54
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OAeeKDeTQpE8kek846C2mhvc59K+Z8qN+9Jm6dRF1kaXHTO36LS+00rAD/gc+KXlg4dFiT2mbVo=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=klbmAoq4OHLe8%2Fz4Ab00NNzvhfia48%2FjMnPYriFYvX2aPHuW3myOdwzUjELr%2BsCbj2yIfMJ0Mf2NwIeuzxpu%2BkmYInAZduuYaL7Hq9Tyvkgjyd%2B602gNfzUnD%2BReJnODijTXONo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 896b30ebca93a240-YYZ
access-control-allow-headers: *

GET
H2 200 luxon.min.js Show response
cdn.jsdelivr.net/npm/luxon@3.4.2/build/global/ 72 KB
23 KB 62ms
19ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/luxon@3.4.2/build/global/luxon.min.js

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

087007678ce45dea92e55b604ac288585ac521a86deb3a9b65a836aece759a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jun 2024 10:49:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3202117
x-jsd-version: 3.4.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23272
x-served-by: cache-fra-eddf8230062-FRA, cache-yyz4571-YYZ
x-jsd-version-type: version
etag: W/"11fc5-ce8V33ORH8C9fxkfOtkOlMeVnVw"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

kambi-widget-api.js Show response
kambi-widget-api.bc.kambicdn.com/
Redirect Chain

https://static.kambicdn.com/client/widget-api/kambi-widget-api.js
https://kambi-widget-api.bc.kambicdn.com/kambi-widget-api.js

57 KB
18 KB

127ms
42ms

Script
application/javascript

108.138.85.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kambi-widget-api.bc.kambicdn.com/kambi-widget-api.js

Requested by

Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling

Protocol

Server

108.138.85.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-105.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eeb7be1d1702a535ab401d7aae4793711998e8cb4290c0f6d32d27986309b11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/responsible-gambling
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 17 Jun 2024 13:51:16 GMT
x-amz-version-id: ZMUWBgsiYMmHTlhEt4P5YfLA.ZiSuD9v
content-encoding: br
x-content-type-options: nosniff
via: 1.1 0cba74644cedf83bb6fb7dc90d8b0980.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD12-P2
age: 248280
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 17 Jun 2024 13:51:09 GMT
server: AmazonS3
etag: W/"1a74d1e9cb83eb4381186c5cf0b112f4"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: TgYAhKbRjNaacONVxfPNQVOgSMt8ldvXKjqAJnLKFQIV_eTl_6-l0g==

Redirect headers

date: Thu, 20 Jun 2024 10:49:14 GMT
via: 1.1 d125bf8405e840aa51a88ae3d8d91fb2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD12-P1
x-cache: FunctionGeneratedResponse from cloudfront
location: https://kambi-widget-api.bc.kambicdn.com/kambi-widget-api.js
content-length: 0
x-amz-cf-id: P3cq50tmQZRDUOtjqZDBpfNZy6UtR_6WoGAu2JkWbPuz-zS_cMdsvA==

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 34 KB
10 KB 132ms
37ms Script
application/javascript 173.223.163.201
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=pba&
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.163.201 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-223-163-201.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 10:49:14 GMT
Content-Encoding: gzip
x-amz-request-id: XQ0XP6F2Y5D2D6K6
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 9575
x-amz-id-2: EPtuXTXXu+YhRR06YF1q1HUePD4msHBoMGu43OAmjjWHnGLKG51lirKR31mHF72ZeVm3YfV81oI=
Last-Modified: Wed, 14 Jun 2023 06:58:46 GMT
Server: AmazonS3
ETag: "d4e7f1ffd74e53e33a46a668c2e9d67c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=962
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Thu, 20 Jun 2024 11:05:16 GMT

GET
H2 200 logged-in.32f79516062230e1ad43.chunk.js Show response
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 389 B
522 B 39ms
38ms Script
application/javascript 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/logged-in.32f79516062230e1ad43.chunk.js
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 18883f147e74153f0f7bea7b684c36a17067a92b73f98706e1b0384933af8521

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:54 GMT
server: server
etag: "6616501e-185"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2628000
accept-ranges: bytes
content-length: 301
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H2 200 logged-out.32f79516062230e1ad43.chunk.js Show response
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 391 B
525 B 36ms
35ms Script
application/javascript 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/logged-out.32f79516062230e1ad43.chunk.js
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: d89d8b958f04b9bca497c44b508cc3df35959db2e8d69358e27de38d7eec4c21

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:54 GMT
server: server
etag: "6616501e-187"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2628000
accept-ranges: bytes
content-length: 303
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H2 200 NSG-Logo-NSB-KO1.png
www.northstarbets.ca/library/Logos/updated/ 23 KB
21 KB 39ms
38ms Image
image/png 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Logos/updated/NSG-Logo-NSB-KO1.png?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 79c5a62bfe4a78ed9866c882749472f31d30a1d9f9f54f4e674a98eaeee98ba8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Tue, 02 Apr 2024 09:22:50 GMT
server: server
etag: "660bce6a-5a74"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21553
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 session-ticker.css
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 67 B
271 B 37ms
36ms Stylesheet
text/css 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/session-ticker.css
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: c2a5e93ac7cfecacd7ad6cebe114bdd02185504d719b68b1786c29d3c94e5361

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:58 GMT
server: server
etag: W/"66165022-43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2628000
content-length: 77
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H2 200 session-ticker.32f79516062230e1ad43.chunk.js Show response
www.northstarbets.ca/no_brand_candy-theme/js/app-out/ 940 B
774 B 36ms
35ms Script
application/javascript 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/session-ticker.32f79516062230e1ad43.chunk.js
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/no_brand_candy-theme/js/app-out/bundle.js?t=1712738334
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 55f368d7f50034e1f81f6d0cb9c5d46683503b12179678ac4d2fda264619312e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Wed, 10 Apr 2024 08:38:54 GMT
server: server
etag: "6616501e-3ac"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2628000
accept-ranges: bytes
content-length: 552
expires: Sat, 20 Jul 2024 20:49:14 GMT

GET
H2 200 500x333-VISA%20copy.webp
www.northstarbets.ca/library/Footer/payment-logos/may23/ 23 KB
8 KB 38ms
35ms Image
image/webp 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/payment-logos/may23/500x333-VISA%20copy.webp?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 88537cc804fdf5bf9810b47fb8330d5ce378f666ed95b9d8debdda4fa6a8596f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:40:07 GMT
server: server
etag: "6516fde7-5a32"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8356
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 500x333-INTERAC%20copy.webp
www.northstarbets.ca/library/Footer/payment-logos/may23/ 22 KB
8 KB 39ms
36ms Image
image/webp 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/payment-logos/may23/500x333-INTERAC%20copy.webp?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 24cbb450c1b3ec272c4c0d2a170e3c63dbbf01d56a28a2bed3aa23470b9989a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:40:07 GMT
server: server
etag: "6516fde7-58d2"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8109
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 500x333-MASTERCARD%20copy.webp
www.northstarbets.ca/library/Footer/payment-logos/may23/ 21 KB
7 KB 40ms
37ms Image
image/webp 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/payment-logos/may23/500x333-MASTERCARD%20copy.webp?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: c8beaa31b6a6349a7f760577644e0d2366f6f61a1ba6b0f6451a251af8055567

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:40:07 GMT
server: server
etag: "6516fde7-5358"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6703
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 500x333-AMEX%20copy.webp
www.northstarbets.ca/library/Footer/payment-logos/may23/ 23 KB
8 KB 40ms
38ms Image
image/webp 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/payment-logos/may23/500x333-AMEX%20copy.webp?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 691e1c323f4b3d5685bf80ff82a9114b1437843d3e0365c790d2639b94dd1f68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:40:07 GMT
server: server
etag: "6516fde7-5a88"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8491
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 500x333-PAYPAL-3%20copy.webp
www.northstarbets.ca/library/Footer/payment-logos/ 7 KB
7 KB 41ms
39ms Image
image/webp 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/payment-logos/500x333-PAYPAL-3%20copy.webp?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 7a6c1976f920b40475926e156daba9a244df4e72009b93b2410352ca68f07876

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Tue, 14 Nov 2023 16:18:48 GMT
server: server
etag: "65539de8-1db8"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7448
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 19-PLUS-c.png
www.northstarbets.ca/library/Footer/ 27 KB
22 KB 41ms
38ms Image
image/png 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/19-PLUS-c.png
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: d937cebfb63f0680361be4e12b7773a03117570ad6033ae3b0460ed078dea32a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:40:07 GMT
server: server
etag: "6516fde7-6daa"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22114
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 NSG-Logo-NSB-KO1.png
www.northstarbets.ca/library/Logos/ 23 KB
21 KB 42ms
40ms Image
image/png 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Logos/NSG-Logo-NSB-KO1.png
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 79c5a62bfe4a78ed9866c882749472f31d30a1d9f9f54f4e674a98eaeee98ba8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:39:37 GMT
server: server
etag: "6516fdc9-5a74"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21553
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 ontario-white.png
www.northstarbets.ca/library/Footer/regulatory/ 12 KB
12 KB 43ms
41ms Image
image/png 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/regulatory/ontario-white.png
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 26bfc32c8a72b27ee15b21c46f2595d41f075fba4156abcd5849df113005757e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:40:08 GMT
server: server
etag: "6516fde8-2e61"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11678
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 RG_Check_RGB_White.png
www.northstarbets.ca/library/Footer/regulatory/ 196 KB
87 KB 44ms
42ms Image
image/png 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/regulatory/RG_Check_RGB_White.png?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: 405a249c9547edd9729493487d98614173efbf7ee715c99d02e13240de5d5681

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Mon, 06 May 2024 08:57:01 GMT
server: server
etag: "66389b5d-30e48"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 89320
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 2020-LOGO-IBIA-COLOR.webp
www.northstarbets.ca/library/Footer/regulatory/color/ 48 KB
34 KB 45ms
44ms Image
image/webp 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/Footer/regulatory/color/2020-LOGO-IBIA-COLOR.webp?siteid=1
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: f74df4396b7e04557a8b9568336b3b43a919ded40ee2a3916d36b17ccf2211a3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:40:08 GMT
server: server
etag: "6516fde8-bfba"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34702
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 Question_Mark.svg
www.northstarbets.ca/library/help-hover-menu/ 916 B
800 B 36ms
34ms Image
image/svg+xml 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.northstarbets.ca/library/help-hover-menu/Question_Mark.svg
Requested by: Host: www.northstarbets.ca
URL: https://www.northstarbets.ca/responsible-gambling
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: f494562c6d33c2f3fea55d32d7f87b79029a64c3d335ed800d61368030d6f78d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:14 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 29 Sep 2023 16:39:59 GMT
server: server
etag: W/"6516fddf-394"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
content-length: 594
expires: Thu, 27 Jun 2024 10:49:14 GMT

GET
H2 200 JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 48ms
44ms Font
font/woff2 209.85.144.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq6R9WXh0pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.94 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f94.1e100.net

Software

sffe /

Resource Hash

da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://www.northstarbets.ca
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 19:19:43 GMT
x-content-type-options: nosniff
age: 55771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15396
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Jun 2025 19:19:43 GMT

GET
H2 200 571772db-59b3-42ff-9c59-317894562e91 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 84ms
34ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/571772db-59b3-42ff-9c59-317894562e91

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f95b566f0eb401e3b7becad35f62af1c0d032a4a0494c9d83dc9df2ef339afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 54
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 895bcb12fbc138e1-SEA, 895bcb12fbc138e1-SEA
x-runtime: 0.011962
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"8f95b566f0eb401e3b7becad35f62af1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=427AJy6Fyd2OcziD35vdGCO47Xl0SXlhonJN2pbp9qlccRPM9awAshwC3QQ6lCCavrhm5S9tzWLs%2BEqaQN2tW9YqIVKIW0LhblRDymmeyCv%2F0CotxESppP%2Fb9F2mePjYFGw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 896b30ecb8b2ac31-YYZ

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 13 B
367 B 212ms
115ms XHR
application/json 18.165.83.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-57.iad55.r.cloudfront.net
Software: /
Resource Hash: 38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
via: 1.1 d6b2e9bf1f40c8fcec509faeb60f8c54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.northstarbets.ca
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 13
x-amz-cf-id: 4LcS6dxprMbHGpFFKUQM4u9d046COFpn_xfb7kQLTPabEbsEGLpsKw==

POST
H/1.1 200
OK deviceCreate Show response
api.us.xtremepush.com/push/api/ 231 B
919 B 278ms
189ms XHR
application/json 54.221.249.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.us.xtremepush.com/push/api/deviceCreate

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.249.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-249-152.compute-1.amazonaws.com

Software

Resource Hash

2da9f9b2a47cd767a82f785767b27bdf53667d2f9b804a92c5d264d235dc0258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://www.northstarbets.ca/responsible-gambling
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 10:49:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.northstarbets.ca
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
X-XSS-Protection: 1; mode=block

GET
H2 200 web-widget-main-67c35ac.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame A8BD 466 KB
143 KB 42ms
41ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=571772db-59b3-42ff-9c59-317894562e91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df3442982a2802fbd2ff9af5791efaaed5e7547e92d8b7c8a87a548af5e7b646

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
x-amz-version-id: ezAjB0k3wqJKTsxVNeX4PL.m4o.reOlk
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 3YZHRVTXYNW1JF51
age: 161477
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 8gmQgMMF5M4jXVxARcek0wpezHt3LWf5SZK58qEcificCpJw7L+AWs8hEaSYL2e7J0fXXZAVe8Q=
last-modified: Tue, 18 Jun 2024 12:04:04 GMT
server: cloudflare
etag: W/"3a35ddf83ef1d75c127252e29d81bab1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2F7%2BUQkPBbPzOvrxIdIwUupySGb8gZA2SHq7bOt9cYtdiyjUTcXMEEIILh4%2FuE%2BUUKSq%2BFKcxgOuVDI24SwmxnBSYLOvQiLgkJrp%2B8nAfYbxkRR0DbfDuf0%2BPOP7eGls6hk9G%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 896b30ecfb2ea240-YYZ
access-control-allow-headers: *
expires: Wed, 18 Jun 2025 12:04:02 GMT

GET
H2 200 en-us-json-67c35ac.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame A8BD 20 KB
4 KB 33ms
32ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-67c35ac.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
x-amz-version-id: 4trfKxavXJB3vXVXSVn5tCELN5piGtTn
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 9YW761SVGRK5KYYV
age: 161477
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: oAIEUu+JQcDV39xf3LtWk6cCsxJh6u2qrXC7Gibr9PA/OrxzyEVb7+EKXxnujlsPNUZnHhCNYSifJGRqQYDBi8+Ukienj7TF
last-modified: Tue, 18 Jun 2024 12:04:05 GMT
server: cloudflare
etag: W/"8f0c2ab0bd14e9e847312f7e99adb66d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=STtLSOR5LhTtbtHk93tMKNj%2BFZaNexEF018yP0O8NmXuIqwpR2%2FB2nT%2BsPdHtCKewN1fdky2Qds0no6nHTMdoimA5MX7%2BGA7jesd8Sv%2FCyHe%2B9v9CzsWFNeoezUKt65tD5TIS%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 896b30edfbaea240-YYZ
access-control-allow-headers: *
expires: Wed, 18 Jun 2025 12:04:04 GMT

GET
H2 200 web-widget-4852-67c35ac.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame A8BD 139 KB
47 KB 38ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-67c35ac.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
x-amz-version-id: QZp0pqgwgOLAm66wA3VQ9gVEz8Ybtsiv
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 3YZV4P9Q4NHX770P
age: 161477
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: R3WfFqrMVnwOkGF0iQxvHxfYsUak4jC1lpPsLQMLwOD9bPilBWCHEdmwEnOZzzAOamIJVw3IKLLPuxnAuv4MZg==
last-modified: Tue, 18 Jun 2024 12:04:03 GMT
server: cloudflare
etag: W/"40fb729956c4a956df4256614af4b393"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxvJ1bm9zuoP%2BW3oG1opt8p5Zlft6NaXnW%2BXQmbB6ofi7%2FdEDz899ha9lC%2FPCLayhoUGPh3oDhDpcIzJdzdQ0JYfD%2B0w7g0iqejjYG26%2BJSksLChpMAZO%2BUmAu2sXRfas95B7Rk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 896b30edfbb0a240-YYZ
access-control-allow-headers: *
expires: Wed, 18 Jun 2025 12:04:02 GMT

GET
H2 200 web-widget-9527-67c35ac.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame A8BD 29 KB
11 KB 36ms
34ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-67c35ac.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
x-amz-version-id: YC.iV1Qc7b4qsSKn3k4whrbCNm5VQ30p
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 3YZKD0QF64C110BK
age: 161477
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 4aiWw0dsM8t6qDNVBDJeOZSJesH63mQAw2uGlpPgOfbFqWRW+lqDsOlY89p9kLlbh1UeNuy2WNI=
last-modified: Tue, 18 Jun 2024 12:04:04 GMT
server: cloudflare
etag: W/"083d4fe56f4013855997ad6d21392f69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6JJrq5lTMDYKlLXD8HozJTP%2FwYFT7b1Qdv7wn5wyS3SWHUVCK%2BPznnQq0BFjciNrkF1EKe%2BrLgNvz1DNjTlXhsp0flvrpztnjJ9Z8bxCWKFLdloVojoRIbSGRv1hCyazkGOnMdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 896b30edfbb1a240-YYZ
access-control-allow-headers: *
expires: Wed, 18 Jun 2025 12:04:02 GMT

GET
H2 200 web-widget-2306-67c35ac.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame A8BD 14 KB
4 KB 32ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-67c35ac.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
x-amz-version-id: 0BlqScfhLkZs1UurnZbnaTRhBffbySzn
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 3YZVTW6W5JCBP52M
age: 161477
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: H6e621JF2AeFn8udikW7C+4gi1O/at3B3doJo6bKqGnPZVds+4AJZOR7Q1EbbRYU3HVKbFE1KtE=
last-modified: Tue, 18 Jun 2024 12:04:03 GMT
server: cloudflare
etag: W/"1b2c14135523982db180c989ec11c5cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PeKO0zd4%2F2UuB1SB86VX0ry9It2Yy9YZEd7i1xcRt9o%2BlF6cCTRSGeq84mVdJOd9uzWsEED8VilaGcEBJVWARZVC%2FQuw%2BIwx%2F%2F9RkhOjDykqvSitecisNkSC5rsxEuoOrsX%2FvhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 896b30edfbb2a240-YYZ
access-control-allow-headers: *
expires: Wed, 18 Jun 2025 12:04:02 GMT

GET
H2 200 web-widget-5178-67c35ac.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame A8BD 12 KB
5 KB 40ms
40ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-67c35ac.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
x-amz-version-id: 9clausNQsztvaXCilP4kz8ueMZ3QN1_Z
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 9YW497J0GQDBFVY3
age: 161477
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Qn/D3qr2JECw7eL+/KvJFBSitaStVlOTC1YcyKYvd2kD65Uksjhu/4hSkxUpqXc3aiQcDrkNzjk=
last-modified: Tue, 18 Jun 2024 12:04:03 GMT
server: cloudflare
etag: W/"7ea6a03ae546d28215fb61ff43d384ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBJDDbF9gFj4F5u7OFY%2Blsebi1QK10QdCyfQrF%2Byw4mQQHF37HVfGY07lGcikYFmH2bCL4DUybPXO2vfWGBBa9HHbroUE%2FHBN2LP4vvVtb%2BD4sB5ijYLtVk0Pobk2iVW3vAG%2Fmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 896b30edfbb3a240-YYZ
access-control-allow-headers: *
expires: Wed, 18 Jun 2025 12:04:02 GMT

GET
H2 200 web-widget-9535-67c35ac.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame A8BD 15 KB
6 KB 36ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-67c35ac.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2533c8e2ab843fab73ebf949f41959aa93a9376019e8d9ec57fb79fdcfdd980

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
x-amz-version-id: R7BknJZOYNKRj1KPNatcq__rEfB6aKOB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 3YZZPGYVWCPCAG69
age: 161477
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Fi7br1VBbR4qyipQrdKdDbKB9sYgkyqu4AbtAYxFoZH40UmRf1YJIO2IZjCVhBA4DJTLXiK3ezQ=
last-modified: Tue, 18 Jun 2024 12:04:04 GMT
server: cloudflare
etag: W/"9fcec5882e8ed5ae7af4c4a36c84ba05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vbta%2BsGXeIFhCyExcgGQHsWGQBlafur%2FsDRCCrwuryB7cOaZWUFH6SOXHxRxtascgs3mm9lzA70GX8QT6qe0LODJ9Myte%2Bst%2BF6%2FHUIimTOWdotWnapLShAxYkbNwdqXC%2B3u%2BzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 896b30ee0bb4a240-YYZ
access-control-allow-headers: *
expires: Wed, 18 Jun 2025 12:04:02 GMT

POST
H2 200 events Show response
wa.appsflyer.com/ 80 B
539 B 192ms
105ms XHR
application/json 52.85.132.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.appsflyer.com/events?site-id=52b0e15e-2306-4d30-84db-7d09c5a6ba45
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-107.iad50.r.cloudfront.net
Software: /
Resource Hash: 61b8b399a17ff9e82c2e029a42d2cdd5d76f8a55de1e18c1ee0537674def1c0a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
via: 1.1 a2da30f5dacfbd28d77cf4c9702318f8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD50-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.northstarbets.ca
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 80
x-amz-cf-id: tMckE02lQxNRuUohVIDAVCp6XKnebMCJ87lgaWN5OqQcji583qVRZw==

OPTIONS
H2 204 pv
nsgsupportteam.zendesk.com/frontendevents/ Frame 0
0 182ms
125ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsgsupportteam.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.northstarbets.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 896b30eeabb2aac6-YYZ
date: Thu, 20 Jun 2024 10:49:15 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOoD1zE3uZg2M5VJxNRPxiJ%2FLxukQCv37fiGscL2qRQicN0K%2B7qQ1lYgRWnkXxE4snUuMWcwq6cqMv1tm4jHo23mE8Wr6yWRYRGeX7igw15OFwiHicD77rHqUx09YwA1%2F4tStSvry4uURrRl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 896b30eeabb2aac6-YYZ
x-zendesk-zorg: yes

POST
H2 200 pv
nsgsupportteam.zendesk.com/frontendevents/ Frame A8BD 0
0 123ms
122ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsgsupportteam.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nskGGhJEIjy7VOqxd79koCcXXN38yvc7m0i5mROpjjjJ3zA6YqnxG7JhxQDJbmQEb9J9eHChnM5I6gc42SWXwywkQWym8rrInquhzGMuWzronDrgizXYLK%2BZYSRNqYKQ%2FEh%2BhFnTZ4tGWJo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 896b30ef6c41aac6-YYZ
content-length: 0
x-request-id: 896b30ef6c41aac6-YYZ

GET
H2 200 config Show response
nsgsupportteam.zendesk.com/embeddable/ Frame A8BD 833 B
1 KB 92ms
36ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nsgsupportteam.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-67c35ac.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948650cdd341fff3b65490e81f5856dbbc26bf1347e63379dde1456f62b8803a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 52
x-zendesk-origin-server: embeddable-app-server-6785949fc5-w5m25
x-cached: STALE
x-runtime: 0.001797
last-modified: Thu, 20 Jun 2024 10:48:23 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0f9vw0NBGnRCA15lRbb7BZFZss0CfGA5EdybgFtuO6eZG0u2mF3oUKjHlo%2F7uyz9U5ynfjmjVWzfs8wU0FGsuI%2BnjwYbS2MqtFIPCyERkyf496YvjazESfxW%2Br%2BvEin7QGadAqhbgCaj0wC"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 896b30ee9bb1aac6-YYZ

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FC7A6C6EAE41460486DCFD97EA18567D&RedC=c.clarity.ms&MXFR=192B25DA3FCD63550F6F317E3BCD6D7E
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FC7A6C6EAE41460486DCFD97EA18567D&MUID=187B5685F52868083CF54221F4826919

42 B
442 B

33ms
33ms

Image
image/gif

20.125.209.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FC7A6C6EAE41460486DCFD97EA18567D&MUID=187B5685F52868083CF54221F4826919
Protocol: H2
Server: 20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/responsible-gambling
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 10:49:14 GMT
last-modified: Fri, 01 Mar 2024 22:54:06 GMT
server: Microsoft-IIS/10.0
etag: "8573f85c2b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 20 Jun 2024 10:49:14 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9C0DE94ACFA84DA5AF14AFF3BE9E557C Ref B: YTO01EDGE0518 Ref C: 2024-06-20T10:49:15Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FC7A6C6EAE41460486DCFD97EA18567D&MUID=187B5685F52868083CF54221F4826919
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 up
insight.adsrvr.org/track/ Frame CAD4 0
0 42ms
41ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=fat3dnv&ref=https%3A%2F%2Fwww.northstarbets.ca%2Fresponsible-gambling&upid=ql4rllw&upv=1.1.0&td1=undefined
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www.northstarbets.ca/responsible-gambling
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 20 Jun 2024 10:49:15 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 favicon-32.png
www.northstarbets.ca/favicons/ 692 B
923 B 35ms
35ms Other
image/png 23.216.132.12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northstarbets.ca/favicons/favicon-32.png?t=1718374141863
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.216.132.12 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-216-132-12.deploy.static.akamaitechnologies.com
Software: server /
Resource Hash: f50b0d28ff732980e53586c4f1e952d72acb4da4a421e0cfd2b3693f9fd4a127

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
content-encoding: gzip
akamai-cache-status: Hit from child
last-modified: Fri, 14 Jun 2024 14:09:01 GMT
server: server
etag: "666c4efd-2b4"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 715
expires: Thu, 27 Jun 2024 10:49:15 GMT

POST
H/1.1 200
OK eventHit Show response
api.us.xtremepush.com/push/api/ 58 B
693 B 45ms
45ms XHR
application/json 54.221.249.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.us.xtremepush.com/push/api/eventHit

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.221.249.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-249-152.compute-1.amazonaws.com

Software

Resource Hash

ed91436df65a32d3279eeef148d78d04bbb1126339fb56b572113478860c0642

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://www.northstarbets.ca/responsible-gambling
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 10:49:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.northstarbets.ca
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
Content-Length: 58
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK deviceUpdate Show response
api.us.xtremepush.com/push/api/ 68 B
487 B 83ms
38ms XHR
application/json 54.221.249.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.us.xtremepush.com/push/api/deviceUpdate
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.249.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-249-152.compute-1.amazonaws.com
Software: /
Resource Hash: 33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: application/json
Referer: https://www.northstarbets.ca/responsible-gambling
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 10:49:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.northstarbets.ca
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 198ms
49ms Preflight 52.179.73.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.northstarbets.ca
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Thu, 20 Jun 2024 10:49:15 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
202 B 151ms
150ms XHR
application/json 52.179.73.39
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

9884983160b9c9dc48ee5fc976e3f10661900b1544bd8fb84d2cab1617d096c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.northstarbets.ca/responsible-gambling
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 10:49:15 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H2 200 onelink Show response
wa.onelink.me/v1/ 51 B
511 B 106ms
106ms XHR
application/json 18.165.83.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wa.onelink.me/v1/onelink?af_id=e758c8c8-d337-472b-bb9d-f2df0911d6da-p
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.165.83.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-57.iad55.r.cloudfront.net
Software: /
Resource Hash: 5c8b9975b6ab875dc8b6667c9c5b9a0e70b39635433206ca2892ad7c1d9f4191

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 10:49:15 GMT
via: 1.1 d6b2e9bf1f40c8fcec509faeb60f8c54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.northstarbets.ca
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 51
x-amz-cf-id: EwsRirjXII2Fx0Pz2B94g1Uob9Tu47ohv2n4iSFn-7y9NL03w5wvmg==

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
284 B 64ms
64ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://www.northstarbets.ca/responsible-gambling
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.northstarbets.ca
Date: Thu, 20 Jun 2024 10:49:16 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

Verdicts & Comments Add Verdict or Comment

322 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.northstarbets.ca/	1970-01-21 06:13:36	Name: ai_user Value: vET3ppRf11LuY8NAHEjLHA\|2024-06-20T10:49:12.733Z
.northstarbets.ca/	1970-01-20 23:37:36	Name: _gcl_au Value: 1.1.215708852.1718880553
www.northstarbets.ca/	1970-01-21 06:13:36	Name: __pdst Value: d6ee1b114246475cb6d073111d25d2fb
.northstarbets.ca/	1970-01-21 07:04:00	Name: _ga Value: GA1.2.752616381.1718880553
.northstarbets.ca/	1970-01-20 21:29:26	Name: _gid Value: GA1.2.198902447.1718880553
.northstarbets.ca/	1970-01-20 21:28:00	Name: _gat_UA-221794823-1 Value: 1
.northstarbets.ca/	1970-01-20 21:28:00	Name: _gat_UA-227645289-1 Value: 1
.northstarbets.ca/	1970-01-20 21:29:26	Name: _uetsid Value: bb3d1ee02ef211efbd8335e1fd5ce844
.northstarbets.ca/	1970-01-21 06:49:36	Name: _uetvid Value: bb3d4db02ef211ef89bfbd552d3ccd98
.flashtalking.com/	1970-01-21 06:57:24	Name: flashtalkingad1 Value: "GUID=60159561643B5A"
www.northstarbets.ca/	1970-01-20 21:28:02	Name: ai_sessionportal Value: RDN/UU2BI1F/K/CWQlvMRK\|1718880553048\|1718880553048
.bing.com/	1970-01-21 06:49:36	Name: MUID Value: 187B5685F52868083CF54221F4826919
.bat.bing.com/	1970-01-20 21:38:05	Name: MR Value: 0
.northstarbets.ca/	1970-01-20 23:37:36	Name: _fbp Value: fb.1.1718880553082.36064075515869517
.linkedin.com/	1970-01-20 23:37:36	Name: li_sugr Value: 553e8b54-3e17-41fd-8cd3-9bd811a97f92
.linkedin.com/	1970-01-20 21:29:26	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2814:u=1:x=1:i=1718880553:t=1718966953:v=2:sig=AQFtJtQDN1sM9MT0B5yFMSYBPuquea2P"
.linkedin.com/	1970-01-20 22:11:12	Name: UserMatchHistory Value: AQK3us7De4ykNgAAAZA1Q8jjq3WcMVD3m5rKrtp3MzNuHTRLu-IZz5JX8KQD9S3vt_12L_n4WZw0BA
.linkedin.com/	1970-01-20 22:11:12	Name: AnalyticsSyncHistory Value: AQKJt6FXuxf8PwAAAZA1Q8jjOy-F-fy80FlP8hFWP7Pv99yiNuwRXXbEq-KZQXya-Qw8GIQ0fN1lJjO3Rqt9iA
.linkedin.com/	1970-01-21 06:13:36	Name: bcookie Value: "v=2&3ede98e0-81c4-4905-8137-45fed4d2b179"
www.clarity.ms/	1970-01-21 06:13:36	Name: CLID Value: 2dda15bc49d247a4af5faff68dadefac.20240620.20250620
.northstarbets.ca/	1970-01-21 07:04:00	Name: _ga_1RJN3Q0WZQ Value: GS1.2.1718880553.1.0.1718880553.0.0.0
.login.northstarbets.ca/	1970-01-20 21:28:02	Name: __cf_bm Value: apajGGJkOQOgxe_.D7KcM2v6_gc077Iu7EOidog7tSg-1718880553-1.0.1.1-5HUF0hjkAsfclGEVDfEXFBJuXLC497GHiN7xz9V7QwUjpCekKfHr7TCscgwZXKpMsHleJyMhAP1SGvivDTzsGw
.northstarbets.ca/	1970-01-21 07:04:00	Name: _ga_G2RSGSXYRF Value: GS1.2.1718880553.1.0.1718880553.0.0.0
.www.linkedin.com/	1970-01-21 06:13:36	Name: bscookie Value: "v=1&20240620104913aa63f0d0-cc28-4d8a-8e89-4230bd933af7AQEDiaKlw-lqAx1y3lBpYkcsHUz2Jinf"
.doubleclick.net/	1970-01-20 22:11:12	Name: ar_debug Value: 1
.northstarbets.ca/	1970-01-21 06:13:36	Name: _clck Value: 1aradsf%7C2%7Cfms%7C0%7C1632
.login.northstarbets.ca/	1969-12-31 23:59:59	Name: _cfuvid Value: 37EUoHwd5CKygnieelRpOZdhfhkPGFaS3lpjPH.6RMs-1718880553457-0.0.1.1-604800000
.doubleclick.net/	1970-01-21 01:47:12	Name: receive-cookie-deprecation Value: 1
.northstarbets.ca/	1970-01-20 21:29:26	Name: _clsk Value: 7c6hbx%7C1718880553719%7C1%7C1%7Cy.clarity.ms%2Fcollect
.login.northstarbets.ca/	1970-01-21 06:13:36	Name: cf_clearance Value: BUgRL9HB0oyQ1x2AAWZupX2u407mjzn9FnfJmTR9Wok-1718880553-1.0.1.1-I78dWAmcqzu39ObBcU3Qh4Yk2WPaYdOpxeH5d5_iVhGkQJh5rZatc0kZj7ICxaAOxUQ_7skrtwxqol4nBDzKkQ
.doubleclick.net/	1970-01-21 07:04:00	Name: IDE Value: AHWqTUlSHS8KGbkMlh522nadvuZz_TivMwPTOnib53mfSxxZddKRt3o9CZ7PWHWDwj0
.yahoo.com/	1970-01-21 06:13:58	Name: A3 Value: d=AQABBCkJdGYCELFpdzrw55E5UO60ivFqZRQFEgEBAQFadWZ9ZiXaxyMA_eMAAA&S=AQAAAljTTVrY6NjXd7MNvYo3YUg
.adsrvr.org/	1970-01-21 06:13:36	Name: TDID Value: 836f2555-0b26-4103-b987-a1635993659b
.adnxs.com/	1970-01-21 07:04:00	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 06:13:36	Name: khaos Value: LXN53ONV-1D-54VR
.rubiconproject.com/	1970-01-21 06:13:36	Name: audit Value: 1\|T7SDzk32aPNNQ5pgmqBJ4Mh7rPixMpc+sW1Ud2v0olLR7jvvc+23XHJIIBlNIXAWiikC4fLSoWEwHTRO1/p4iHX0qfg68IpFQAPcN3ARK862byjXEMoG0avmJjnY4Q1pwrbyhdWfJdDNrTHrdfUHTIrgdSQvdYEx2aL6oCrrk3TREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
api.us.xtremepush.com/	1970-01-21 01:47:12	Name: _xpid_4376 Value: 4421963340
.casalemedia.com/	1970-01-21 06:13:36	Name: CMID Value: ZnQJK9HM6Y0AACnwAGgd-QAA
.casalemedia.com/	1970-01-20 23:37:36	Name: CMPS Value: 3569
.casalemedia.com/	1970-01-20 23:37:36	Name: CMPRO Value: 3569
.appsflyer.com/	1970-01-21 06:56:48	Name: af_id Value: e758c8c8-d337-472b-bb9d-f2df0911d6da-p
.northstarbets.ca/	1970-01-21 07:04:00	Name: afUserId Value: e758c8c8-d337-472b-bb9d-f2df0911d6da-p
.c.bing.com/	1970-01-20 21:38:05	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:49:36	Name: SRM_B Value: 187B5685F52868083CF54221F4826919
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:49:36	Name: MUID Value: 187B5685F52868083CF54221F4826919
.c.clarity.ms/	1970-01-20 21:38:05	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:28:01	Name: ANONCHK Value: 0
.bidswitch.net/	1970-01-21 06:13:36	Name: tuuid Value: 3ce7787a-f1f1-4307-b281-a5cc5b9574b7
.bidswitch.net/	1970-01-21 06:13:36	Name: c Value: 1718880555
.bidswitch.net/	1970-01-21 06:13:36	Name: tuuid_lu Value: 1718880555
.onelink.me/	1970-01-21 07:04:00	Name: af_id Value: e758c8c8-d337-472b-bb9d-f2df0911d6da-p
.northstarbets.ca/	1970-01-20 21:38:05	Name: AF_SYNC Value: 1718880555501
.pubmatic.com/	1970-01-20 23:37:36	Name: KRTBCOOKIE_377 Value: 6810-836f2555-0b26-4103-b987-a1635993659b&KRTB&22918-836f2555-0b26-4103-b987-a1635993659b&KRTB&22926-836f2555-0b26-4103-b987-a1635993659b&KRTB&23031-836f2555-0b26-4103-b987-a1635993659b
.pubmatic.com/	1970-01-20 22:11:12	Name: PugT Value: 1718880554
.adsrvr.org/	1970-01-21 06:13:36	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwiin4aOlciIPRAFEhUKBmdvb2dsZRILCLjJho6VyIg9EAUSFgoHcnViaWNvbhILCNboho6VyIg9EAUSFQoGY2FzYWxlEgsIipamkZXIiD0QBRIYCgliaWRzd2l0Y2gSCwj6uKaRlciIPRAFEhcKCHB1Ym1hdGljEgsIrNmmkZXIiD0QBRgFIAIoAzILCIDvqL6ryIg9EAVCDyINCAESCQoFdGllcjMQAVoHZmF0M2RudmAB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11795055.fls.doubleclick.net
14111480.fls.doubleclick.net
ad.doubleclick.net
api.us.xtremepush.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn.pdst.fm
cdn.safecharge.com
cdn.us.webpu.sh
connect.facebook.net
dc.services.visualstudio.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
js.adsrvr.org
js.monitor.azure.com
kambi-widget-api.bc.kambicdn.com
login.northstarbets.ca
nsgsupportteam.zendesk.com
oapi-cur.techonlinecorp.com
px.ads.linkedin.com
scripts.prdredir.com
servedby.flashtalking.com
snap.licdn.com
static.kambicdn.com
static.zdassets.com
us-central1-adaptive-growth.cloudfunctions.net
wa.appsflyer.com
wa.onelink.me
websdk.appsflyer.com
webtickers.malmegas.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.northstarbets.ca
y.clarity.ms
104.16.53.111
104.18.31.27
104.18.70.113
104.211.35.148
108.138.64.35
108.138.85.105
13.107.246.38
13.107.42.14
142.251.174.97
151.101.1.229
172.217.222.149
172.64.151.180
173.194.204.148
173.194.66.95
173.223.163.201
18.165.83.57
18.67.60.119
20.125.209.212
204.79.197.237
209.85.144.100
209.85.144.94
213.187.226.60
213.187.229.147
216.239.36.54
23.204.206.249
23.214.246.63
23.216.132.12
23.218.218.191
31.13.66.19
31.13.66.35
35.244.142.80
35.71.131.137
52.179.73.39
52.85.132.107
54.221.249.152
01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
087007678ce45dea92e55b604ac288585ac521a86deb3a9b65a836aece759a06
0918a0aee7cfa3281a9093569456573dbf1c4519962a04cb017c2606ae7b79b8
0e11826b2c561dae6c77a81397f40deb0b23ad96714ba91c79209c89483fe546
142617edf27459c2a888daaf7d0bf7777a3fb328fbe9a771fcb7059044791247
18883f147e74153f0f7bea7b684c36a17067a92b73f98706e1b0384933af8521
1ca0581b2dee03940abc2e765efbd4b0f46136756dae88b52fc14f10ce121b36
24cbb450c1b3ec272c4c0d2a170e3c63dbbf01d56a28a2bed3aa23470b9989a6
26bfc32c8a72b27ee15b21c46f2595d41f075fba4156abcd5849df113005757e
2744d87f1b24782297feeef38cdb47a0fbaa5e756b2b55df817cf2ea9b798ab3
27dbfec746a0b2440ba1a5c55ac536b801910735cfad0f9b3960aebfd53fca9b
28dc851a49a5885ab05a887052f119437d3313a0ec3070ae2ab2f5bfb42735fb
29d27ed3cc9184b35e30e41a3e1749438aa559609911f12e76181253ede1dff7
2da9f9b2a47cd767a82f785767b27bdf53667d2f9b804a92c5d264d235dc0258
2e5a796859a239184abc9058b03d2b3f367fef4a8321d64b32d316893ad6e31c
314720b22487f8748290ad00ab188592017fff33abeee91b70c9ba2810bbf969
323ae546ff50f3c0d4c98e3e1f05cb98887c9a7cfd7bd30b25d0807ba9718239
33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
35c52b15ece5512d8ba82ff6f5be8ab2542e50b09efadffe1a064d55e3f75de0
37bdd1507f434059d2e5cb8440e469ab3e703d2721f8b815cc9a11de36ed5488
37e938b3cfd3719f203d8f232c3e345cea3285f504e848efef1083d2a35cb139
38bc0f256821a9c0a02a1c0cedf8ff70c211e637ef77ac199de2fe0cf36ba9ec
3ae34a90f7e51165d9eb3056e09cc2ad4e139c91b679435d65dfb584ae9a1110
3de59af70221edd70991cba69fce45b7c5701aebbd294e755c408517f22ccb59
405a249c9547edd9729493487d98614173efbf7ee715c99d02e13240de5d5681
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4881336c8585e954a456070a19ae6ac02c372b8032d823304349a5197a828422
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
53f54760d397f16a45a54e3f5875403fcafc0f2370b6249a12afd44b8871d4ef
55f368d7f50034e1f81f6d0cb9c5d46683503b12179678ac4d2fda264619312e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5c8b9975b6ab875dc8b6667c9c5b9a0e70b39635433206ca2892ad7c1d9f4191
61b8b399a17ff9e82c2e029a42d2cdd5d76f8a55de1e18c1ee0537674def1c0a
6617eaef82facac92dc72dde21b98b7980c8bc167b723a00933ba4c6352f9308
691e1c323f4b3d5685bf80ff82a9114b1437843d3e0365c790d2639b94dd1f68
6987dec7a8fd30ac0d3da244cb9c4ed1726c8879dea05ab76ad0d2f725bac408
6ad69efe2dbcda20b7287469d38ac3bf3089b681ed567f73874aa279c0f497e1
6d54c596cfb6f657512e8d9c5ef5e8d5280361489a1b508db1c7a1c6b598db1a
75c672cdebb085a3e48b61b341b009c1253bccf196dcb46fa332871e826c5960
79571392e20d924510096f043ac66df91cc2fa609ceb3ae99cfd533b0d410fe4
79c5a62bfe4a78ed9866c882749472f31d30a1d9f9f54f4e674a98eaeee98ba8
7a6c1976f920b40475926e156daba9a244df4e72009b93b2410352ca68f07876
7b31da0c467bd24db3163b9ae63f8037406e56fc2935b3a1d3d2260afa342425
7ccf80229bbe586853232059978b67c1dbe6ccd7f6b4b8585b34bbcf2d9f195f
80a137091d8e5db2cfd753a09852f1097e2fe278a7721d7115229d1004d98492
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
88537cc804fdf5bf9810b47fb8330d5ce378f666ed95b9d8debdda4fa6a8596f
888712ed47541355b228a62b0145cee74738249326775661cd879370e7dea7c9
8d7cf13359f90a2fbe0a7a77d57f9c1d5eed6b82cd1531643aa2fab5c2354bd8
8dfd11bea85d0114b1e5c8f8b0a927a06b508422c12b2a811c7c395c0e5ffeb2
8e5971f6c8dada92265ed3fa9e757df7d77d4141879da6c99dc6c772eef39952
8f95b566f0eb401e3b7becad35f62af1c0d032a4a0494c9d83dc9df2ef339afd
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
948650cdd341fff3b65490e81f5856dbbc26bf1347e63379dde1456f62b8803a
9884983160b9c9dc48ee5fc976e3f10661900b1544bd8fb84d2cab1617d096c5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9acce1202062518523f1976a37510b6fcb7beb5a6b68205032e14b971a3a0e9b
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
9d91a0573b014fa97931834fb3251b5688d6353117b49d768296e748725ca745
a75d3b1b520eeed6a78e40cfa367deb903cc0dd8eacddddf2a234c7202de5956
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac64dac721fe508b68899aaca287bbc14232639deed7d17817c9bfb6d210e857
b7730a5d79d0b1b6b544882d08a5db1f0b63dabbee95b10adbc54f00dc9ebd6f
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbdb8ed22c841766c16fe619697ff50736d4a66cef5729d874caa98a0131151a
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
c0e6c99ba8dc040ce0d3b72d0b3e60c70834267b03ba4f6fba23a37ae8757daa
c2a5e93ac7cfecacd7ad6cebe114bdd02185504d719b68b1786c29d3c94e5361
c2c21c79a4d61a638b2b1663e8717c39d6f16c55baa66688909f821cb30be5e0
c65534c9454f20d85e367a8d5a1b2eacbaddfe61e8494c63603850634e50449e
c836e18bc6613dafb6f3c5e0e6980f5ac4076ab6bc2fbca94fd9a171cc459489
c8beaa31b6a6349a7f760577644e0d2366f6f61a1ba6b0f6451a251af8055567
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
ceb8cd7e7af4e6f42ecf0d6f16852edab0bb656c31b30acb603d18ae2795963e
cf2224f45cc9118195af9994a34f46a90e3e9f9ed7814ab5e4898c9e0b3ff412
d2533c8e2ab843fab73ebf949f41959aa93a9376019e8d9ec57fb79fdcfdd980
d5b3df269e03a914f6be36fb5cfc5e0a8e8dfd91b91290ffc1625de4452bf14d
d89d8b958f04b9bca497c44b508cc3df35959db2e8d69358e27de38d7eec4c21
d937cebfb63f0680361be4e12b7773a03117570ad6033ae3b0460ed078dea32a
da22288b706a3af2a2853e0641b66f3c8da22785e8caf9921efdf4d9a59865d5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb541d065020ff841077eb04269d5b9988d1a2ba91b67ccb8eded1a80b88a82
df3442982a2802fbd2ff9af5791efaaed5e7547e92d8b7c8a87a548af5e7b646
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48f2173367e26d8885bcbe92f4dceb5e38e6ebdb3861f5a83313a20defae1c7
e52f3b490c05c06ce3ec7d54055a006033c4c220ecb44f67f8644a11c8e0a2b5
ed91436df65a32d3279eeef148d78d04bbb1126339fb56b572113478860c0642
eeb7be1d1702a535ab401d7aae4793711998e8cb4290c0f6d32d27986309b11a
f494562c6d33c2f3fea55d32d7f87b79029a64c3d335ed800d61368030d6f78d
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5
f50b0d28ff732980e53586c4f1e952d72acb4da4a421e0cfd2b3693f9fd4a127
f74df4396b7e04557a8b9568336b3b43a919ded40ee2a3916d36b17ccf2211a3

www.northstarbets.ca Open in urlscan Pro 23.216.132.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

126 Requests

97 %HTTPS

0 %IPv6

30 Domains

41 Subdomains

34 IPs

4 Countries

2270 kBTransfer

10343 kBSize

56 Cookies

14 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.northstarbets.ca Open in urlscan Pro
23.216.132.12 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

97 %
HTTPS

0 %
IPv6

30
Domains

41
Subdomains

34
IPs

4
Countries

2270 kB
Transfer

10343 kB
Size

56
Cookies

126 HTTP transactions
0 data transactions