www.the-star.co.ke Open in urlscan Pro
172.67.193.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.the-star.co.ke/
Submission: On January 31 via api (January 31st 2023, 3:36:35 am UTC) from NZ — Scanned from NZ

Summary HTTP 290 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 68 IPs in 7 countries across 69 domains to perform 290 HTTP transactions. The main IP is 172.67.193.140, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.the-star.co.ke. The Cisco Umbrella rank of the primary domain is 245414.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.

This is the only time www.the-star.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	172.67.193.140 172.67.193.140	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	142.250.4.157 142.250.4.157	15169 (GOOGLE) (GOOGLE)
2	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
12	142.251.12.95 142.251.12.95	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
33	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
7	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1	172.67.188.214 172.67.188.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.59.55.128 139.59.55.128	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	74.125.24.97 74.125.24.97	15169 (GOOGLE) (GOOGLE)
1	13.227.254.18 13.227.254.18	16509 (AMAZON-02) (AMAZON-02)
2	157.240.15.13 157.240.15.13	32934 (FACEBOOK) (FACEBOOK)
1	172.67.218.127 172.67.218.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	72.247.81.161 72.247.81.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 5	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 2	13.228.93.73 13.228.93.73	16509 (AMAZON-02) (AMAZON-02)
2	18.195.73.204 18.195.73.204	16509 (AMAZON-02) (AMAZON-02)
2 2	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
1	104.21.45.196 104.21.45.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.253.118.154 172.253.118.154	15169 (GOOGLE) (GOOGLE)
1	172.253.118.155 172.253.118.155	15169 (GOOGLE) (GOOGLE)
2	172.253.118.132 172.253.118.132	15169 (GOOGLE) (GOOGLE)
10	74.125.24.93 74.125.24.93	15169 (GOOGLE) (GOOGLE)
1	3.232.171.121 3.232.171.121	14618 (AMAZON-AES) (AMAZON-AES)
2	184.25.221.62 184.25.221.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.216.132.133 52.216.132.133	16509 (AMAZON-02) (AMAZON-02)
4	139.99.68.6 139.99.68.6	16276 (OVH) (OVH)
1	20.79.102.66 20.79.102.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	74.125.130.138 74.125.130.138	15169 (GOOGLE) (GOOGLE)
1	64.233.170.154 64.233.170.154	15169 (GOOGLE) (GOOGLE)
19	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
12	74.125.24.155 74.125.24.155	15169 (GOOGLE) (GOOGLE)
5	146.20.128.134 146.20.128.134	27357 (RACKSPACE) (RACKSPACE)
3 3	35.214.223.115 35.214.223.115	15169 (GOOGLE) (GOOGLE)
5 32	146.20.128.159 146.20.128.159	27357 (RACKSPACE) (RACKSPACE)
2	47.252.78.131 47.252.78.131	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
3 3	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	54.237.254.37 54.237.254.37	14618 (AMAZON-AES) (AMAZON-AES)
6	146.20.128.152 146.20.128.152	27357 (RACKSPACE) (RACKSPACE)
5	64.233.170.94 64.233.170.94	15169 (GOOGLE) (GOOGLE)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 3	142.251.12.147 142.251.12.147	15169 (GOOGLE) (GOOGLE)
2	104.18.31.151 104.18.31.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.22.71.231 104.22.71.231	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.107.184.81 34.107.184.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	198.8.71.131 198.8.71.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	13.115.236.114 13.115.236.114	16509 (AMAZON-02) (AMAZON-02)
3 3	103.229.10.211 103.229.10.211	16509 (AMAZON-02) (AMAZON-02)
1	54.87.95.148 54.87.95.148	14618 (AMAZON-AES) (AMAZON-AES)
4 4	74.118.186.45 74.118.186.45	26120 (RHYTHMONE) (RHYTHMONE)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	35.75.149.219 35.75.149.219	16509 (AMAZON-02) (AMAZON-02)
6 6	54.179.76.98 54.179.76.98	16509 (AMAZON-02) (AMAZON-02)
1	23.106.69.73 23.106.69.73	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 1	3.231.66.207 3.231.66.207	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.33.88.104 13.33.88.104	16509 (AMAZON-02) (AMAZON-02)
1 2	18.138.161.18 18.138.161.18	() ()
2 3	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2 2	52.220.170.179 52.220.170.179	() ()
2 2	107.178.244.193 107.178.244.193	() ()
2 2	13.227.254.51 13.227.254.51	16509 (AMAZON-02) (AMAZON-02)
9	104.65.228.208 104.65.228.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.53.160.138 23.53.160.138	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.36.49.63 23.36.49.63	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.30.151 104.18.30.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.68.148 74.125.68.148	15169 (GOOGLE) (GOOGLE)
1	142.251.12.119 142.251.12.119	15169 (GOOGLE) (GOOGLE)
1	13.227.254.33 13.227.254.33	16509 (AMAZON-02) (AMAZON-02)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	103.231.98.191 103.231.98.191	() ()
1	103.231.98.196 103.231.98.196	() ()
1 2	185.84.60.23 185.84.60.23	() ()
1 1	103.229.206.241 103.229.206.241	() ()
2	103.231.98.194 103.231.98.194	() ()
3	67.199.150.86 67.199.150.86	() ()
3 3	172.217.194.155 172.217.194.155	() ()
1	119.9.108.180 119.9.108.180	() ()
1	34.124.209.251 34.124.209.251	() ()
2	67.199.150.90 67.199.150.90	() ()
2	52.34.92.83 52.34.92.83	() ()
290	68

20 172.67.193.140 (United States)

ASN13335 (CLOUDFLARENET, US)

www.the-star.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

radioafricagroup.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

polls.the-star.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.188.214 (United States)

ASN13335 (CLOUDFLARENET, US)

www.myjobsinkenya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.59.55.128 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-18.sin52.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.15.13 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.218.127 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mgazeti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.81.161 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-161.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.213.12.39 (Tokyo, Japan) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.93.73 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-93-73.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.73.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-73-204.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.162.2 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.45.196 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.mgazeti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f154.1e100.net

adservice.google.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net

b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 74.125.24.93 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f93.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.232.171.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-171-121.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.25.221.62 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-221-62.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.132.133 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.99.68.6 (Singapore)

ASN16276 (OVH, FR)
PTR: ns564141.ip-139-99-68.net

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.79.102.66 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

the-star.containers.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.130.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f138.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.20.128.134 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.214.223.115 (Groningen, Netherlands) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 146.20.128.159 (United States) 5 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.116.239.135 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.254.37 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-254-37.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.20.128.152 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.233.170.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.31.151 (None, )

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.71.231 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aimtell.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.184.81 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.184.107.34.bc.googleusercontent.com

nxd.adhaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.8.71.131 (United States)

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.115.236.114 (Tokyo, Japan) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-236-114.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.229.10.211 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.87.95.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-95-148.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.118.186.45 (Singapore) 4 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.75.149.219 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-149-219.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.179.76.98 (Singapore) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-76-98.ap-southeast-1.compute.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.69.73 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.66.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-66-207.compute-1.amazonaws.com

media.sabio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.104 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-104.sin2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.138.161.18 (None, ) 1 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.242 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.220.170.179 (None, ) 2 redirects

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.193 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.227.254.51 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-51.sin52.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.65.228.208 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-65-228-208.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.160.138 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-138.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.49.63 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-49-63.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.30.151 (None, )

ASN13335 (CLOUDFLARENET, US)

beacon.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f148.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.119 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f119.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-33.sin52.r.cloudfront.net

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.191 (None, )

ASN- ()

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.98.196 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.23 (None, ) 1 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.206.241 (None, ) 1 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.98.194 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.199.150.86 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.155 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.9.108.180 (None, )

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.124.209.251 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.90 (None, )

ASN- ()

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.34.92.83 (None, )

ASN- ()

vid-io-pdx.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	lkqd.net 5 redirects ad.lkqd.net — Cisco Umbrella Rank: 22292 v.lkqd.net — Cisco Umbrella Rank: 16432 cs.lkqd.net — Cisco Umbrella Rank: 2885 t.lkqd.net — Cisco Umbrella Rank: 18345	221 KB
28	googlesyndication.com b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	433 KB
27	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 64	2 MB
27	the-star.co.ke www.the-star.co.ke — Cisco Umbrella Rank: 245414 polls.the-star.co.ke	626 KB
22	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net Failed static.doubleclick.net — Cisco Umbrella Rank: 214	259 KB
18	pubmatic.com vpaid.pubmatic.com — Cisco Umbrella Rank: 5069 ads.pubmatic.com vid.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com Failed st.pubmatic.com	79 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	243 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 jnn-pa.googleapis.com — Cisco Umbrella Rank: 189	37 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	890 KB
6	tidaltv.com 6 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1402	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 358	109 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	241 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1384 sync.teads.tv — Cisco Umbrella Rank: 1232 t.teads.tv — Cisco Umbrella Rank: 2707	132 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 analytics.google.com — Cisco Umbrella Rank: 334 www.google.com — Cisco Umbrella Rank: 2	16 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	3 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 304	2 KB
4	survicate.com survey.survicate.com — Cisco Umbrella Rank: 5886 surveys-static.survicate.com — Cisco Umbrella Rank: 7295	86 KB
4	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414 ups.analytics.yahoo.com — Cisco Umbrella Rank: 274	2 KB
3	springserve.com vpaid.springserve.com — Cisco Umbrella Rank: 8333 vid-io-pdx.springserve.com	90 KB
3	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	895 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
3	quantserve.com 3 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	1 KB
3	bidr.io 3 redirects match.prod.bidr.io — Cisco Umbrella Rank: 470	1 KB
3	aimtell.com signals.aimtell.com — Cisco Umbrella Rank: 4388 beacon.aimtell.com — Cisco Umbrella Rank: 25428	460 B
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 748 d.turn.com — Cisco Umbrella Rank: 1147	1 KB
3	loopme.me 3 redirects csync.loopme.me — Cisco Umbrella Rank: 835	656 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	208 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 886 trc-events.taboola.com — Cisco Umbrella Rank: 1293	202 KB
3	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 24320 a.vidoomy.com — Cisco Umbrella Rank: 10343	5 KB
2	adform.net 1 redirects c1.adform.net	965 B
2	openx.net 1 redirects vidoomy-d.openx.net — Cisco Umbrella Rank: 40126	94 B
2	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	968 B
2	tapad.com 2 redirects pixel.tapad.com	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	889 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 601	1 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 148	654 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4461	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	954 B
2	rfihub.com p.rfihub.com — Cisco Umbrella Rank: 741	1 KB
2	adhaven.com 2 redirects nxd.adhaven.com — Cisco Umbrella Rank: 51689	399 B
2	aimtell.io cdn.aimtell.io — Cisco Umbrella Rank: 7504	1 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 651	1 KB
2	clientgear.com event.clientgear.com — Cisco Umbrella Rank: 1914	211 B
2	google.co.nz adservice.google.co.nz — Cisco Umbrella Rank: 122321 www.google.co.nz — Cisco Umbrella Rank: 34970	939 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742	24 KB
2	mgazeti.com www.mgazeti.com — Cisco Umbrella Rank: 856410 cdn.mgazeti.com	357 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	87 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 915 heapanalytics.com — Cisco Umbrella Rank: 826	36 KB
2	github.io radioafricagroup.github.io — Cisco Umbrella Rank: 742962	179 KB
1	simpli.fi um.simpli.fi	612 B
1	semasio.net uipglob.semasio.net	220 B
1	mathtag.com 1 redirects sync.mathtag.com	724 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	56 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 229	3 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 349	449 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 522	688 B
1	sabio.us 1 redirects media.sabio.us — Cisco Umbrella Rank: 40685	235 B
1	dyntrk.com gu.dyntrk.com — Cisco Umbrella Rank: 1019
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	470 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1077	35 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 388	288 B
1	piwik.pro the-star.containers.piwik.pro
1	amazonaws.com s3.amazonaws.com	13 KB
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 629	541 B
1	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 17727 tt.onthe.io Failed	20 KB
1	myjobsinkenya.com www.myjobsinkenya.com myjobsinkenya.com Failed
0	pippio.com Failed pippio.com Failed
0	krushmedia.com Failed cs.krushmedia.com Failed
290	69

	Domain	Requested by
28	cs.lkqd.net	5 redirects ad.lkqd.net www.the-star.co.ke
27	lh3.googleusercontent.com	www.the-star.co.ke
20	www.the-star.co.ke	www.the-star.co.ke polls.the-star.co.ke
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.the-star.co.ke b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com tpc.googlesyndication.com
14	securepubads.g.doubleclick.net	www.the-star.co.ke securepubads.g.doubleclick.net www.googletagservices.com
11	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
10	t.lkqd.net	ad.lkqd.net
10	www.youtube.com	www.the-star.co.ke www.youtube.com
8	fonts.googleapis.com	www.the-star.co.ke polls.the-star.co.ke securepubads.g.doubleclick.net b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
7	pagead2.googlesyndication.com	www.googletagservices.com www.the-star.co.ke securepubads.g.doubleclick.net tpc.googlesyndication.com
7	ad.lkqd.net	www.the-star.co.ke ad.lkqd.net
7	polls.the-star.co.ke	www.the-star.co.ke polls.the-star.co.ke
6	vpaid.pubmatic.com	ad.lkqd.net vpaid.springserve.com blank
6	sync.tidaltv.com	6 redirects
5	www.gstatic.com	www.the-star.co.ke b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com www.youtube.com www.gstatic.com
5	v.lkqd.net	ad.lkqd.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net www.the-star.co.ke
5	x.bidswitch.net	5 redirects
4	jnn-pa.googleapis.com	www.youtube.com
4	match.adsrvr.org	4 redirects
3	image2.pubmatic.com	ads.pubmatic.com
3	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
3	cm.g.doubleclick.net	www.the-star.co.ke
3	sync-tm.everesttech.net	2 redirects ads.pubmatic.com
3	sync.1rx.io	3 redirects
3	cms.quantserve.com	3 redirects
3	match.prod.bidr.io	3 redirects
3	surveys-static.survicate.com	survey.survicate.com surveys-static.survicate.com
3	www.google.com	1 redirects www.youtube.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com www.youtube.com
3	csync.loopme.me	3 redirects
3	www.googletagmanager.com	www.the-star.co.ke www.googletagmanager.com
2	vid-io-pdx.springserve.com	vpaid.springserve.com
2	st.pubmatic.com
2	simage2.pubmatic.com	ads.pubmatic.com
2	c1.adform.net	1 redirects ads.pubmatic.com
2	vidoomy-d.openx.net	1 redirects www.the-star.co.ke
2	beacon.aimtell.com	s3.amazonaws.com
2	t.teads.tv	www.the-star.co.ke
2	s.ad.smaato.net	2 redirects
2	pixel.tapad.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	dpm.demdex.net	1 redirects
2	sb.scorecardresearch.com	2 redirects
2	pool.admedo.com	2 redirects
2	p.rfihub.com	ad.lkqd.net www.the-star.co.ke
2	nxd.adhaven.com	2 redirects
2	cdn.aimtell.io	s3.amazonaws.com
2	sync.srv.stackadapt.com	2 redirects
2	ad.turn.com	2 redirects
2	event.clientgear.com	ad.lkqd.net
2	a.teads.tv	www.googletagmanager.com a.teads.tv
2	b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	maxcdn.bootstrapcdn.com	polls.the-star.co.ke
2	ups.analytics.yahoo.com	2 redirects
2	a.vidoomy.com	www.the-star.co.ke
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	connect.facebook.net	www.the-star.co.ke connect.facebook.net
2	cdn.taboola.com	www.the-star.co.ke cdn.taboola.com
2	radioafricagroup.github.io	www.the-star.co.ke polls.the-star.co.ke
1	um.simpli.fi	ads.pubmatic.com
1	uipglob.semasio.net	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	vid.pubmatic.com	vpaid.pubmatic.com
1	vpaid.springserve.com	ad.lkqd.net
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	sync.teads.tv	a.teads.tv
1	idsync.rlcdn.com	www.the-star.co.ke
1	bh.contextweb.com	1 redirects
1	d.turn.com	1 redirects
1	media.sabio.us	1 redirects
1	gu.dyntrk.com	www.the-star.co.ke
1	sync.targeting.unrulymedia.com	1 redirects
1	rtb.adentifi.com	www.the-star.co.ke
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	signals.aimtell.com	s3.amazonaws.com
1	trc-events.taboola.com	www.the-star.co.ke
1	gum.criteo.com	cdn.taboola.com
1	www.google.co.nz	www.the-star.co.ke
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	the-star.containers.piwik.pro	www.the-star.co.ke
1	survey.survicate.com	www.the-star.co.ke
1	s3.amazonaws.com	www.the-star.co.ke
1	heapanalytics.com	www.the-star.co.ke
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.nz	securepubads.g.doubleclick.net
1	cdn.mgazeti.com	www.the-star.co.ke
1	ads.stickyadstv.com	www.the-star.co.ke
1	www.mgazeti.com	www.the-star.co.ke
1	cdn.heapanalytics.com	www.the-star.co.ke
1	cdn.onthe.io	www.the-star.co.ke
1	www.myjobsinkenya.com	www.the-star.co.ke
1	ads.vidoomy.com	www.the-star.co.ke
0	image4.pubmatic.com Failed	ads.pubmatic.com
0	pippio.com Failed	ads.pubmatic.com
0	cs.krushmedia.com Failed	ad.lkqd.net
0	tt.onthe.io Failed	cdn.onthe.io
0	myjobsinkenya.com Failed	www.the-star.co.ke
290	105

This site contains links to these domains. Also see Links.

Domain
classic105.com
eastfm.com
kiss100.co.ke
radiojambo.co.ke
mpasho.co.ke
www.facebook.com
twitter.com
www.instagram.com
myjobsinkenya.com
www.myjobsinkenya.com
the-star.co.ke
cookieinfoscript.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.github.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-07` - `2023-04-07`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
purrse.mooncat.community GTS CA 1D4	`2023-01-18` - `2023-04-18`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2022-07-29` - `2023-08-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-09` - `2023-02-07`	3 months	crt.sh
ad.lkqd.net R3	`2023-01-28` - `2023-04-28`	3 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.co.nz GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2022-12-09` - `2024-01-07`	a year	crt.sh
teads.tv R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-13` - `2023-10-14`	a year	crt.sh
*.containers.piwik.pro GlobeSSL DV CA	`2022-08-25` - `2023-09-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-08`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
*.dyntrk.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.springserve.com Amazon	`2022-03-31` - `2023-04-29`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2022-03-18` - `2023-04-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh

This page contains 35 frames:

Primary Page: https://www.the-star.co.ke/
Frame ID: 2EB1B123C57926D99D8D7D82BBA835A7
Requests: 149 HTTP requests in this frame

Frame: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q
Frame ID: 3672BA9BD7C7398DABE52348CDEAFE3F
Requests: 16 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: C3A815FC8F684942A2CDBEDF6069DD9F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: B26F05895791FDF5F419C74D72C3BDCE
Requests: 2 HTTP requests in this frame

Frame: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F5B899C0DC55F2DEF687C3F2D1187AE1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLRgEr_cN5i-V1Hk0mlgxduJQlwsp8A-Pov5NBghQzClsgmVRBjXfsvm4fpSPeK0mEv_5vNuJ31AzEwF2iGHqUcTy6ZnMtxuSsd3i9yTOCqHGSHsr89iJtJv5sg4Ng6uIFvfKb1LExuiBOKZIk18BYUb2tx9Wq5MQrB6nBZuRW4qjFOA63GCCM3IgxD6JC_6kKzpD7C06h-5KdY0qxNZ5LKv6zQHldxP2Rdb0SLRqwYbsSP_4noNWKeOLoJdtowkVVe0GhFdSh5Ur7MD8TnWXn5URr8oNqsXTJuH2WvFOoKbKxhCrlyqP3A5nM8XtQlupHDw&sai=AMfl-YTi4-8crV8sAycf58buUqZ2rQ4nO3ETj3UP7SokN1L0wQJ-mH827uyv5wYBSobsW5MAi-zFhFofZM8JoBYlEGfjMSZOIAoN6iaZQDs3rH8dU7cEXzOxJX-s-hpxvzRWza35Ss0O2DzXpdg_rMjPIok&sig=Cg0ArKJSzHrFr9V7B9trEAE&uach_m=[UACH]&adurl=
Frame ID: 780AF7F2D3F985BAE996A08DD8180175
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwcCyGAVYC8qohofqE92J-I8FVn-zQB2bLuXPsMGKCUO5qrtzuyUdc9qG198YoX1E14NpM_bonVDrrFsorMTYB0_eFHAAGw46E-RgU1mOgW_sZe6XZuV9IB22tXlvLNH3pN_31g2pRszy9-BKdteGo9HelC1P0yCkLJrcw3U7rJA6U25BJtpmQcDKlr-0bCpk8ZslWFwlQuA4WVE8kbmo0i7IlJjtCJW9MN_enrkmQnd0qzhDv3ANB4CmCAwKMut_9HZvO4iT1souCVe7gnKsDrWQMea_L995XFU82Wim4E97OEYTbjI1GpRW_0uA0tCe6HKTbaw&sai=AMfl-YRouGPvUGHHjUsbm79FVt3MB_Fk8_fIMD4GDbHkNwKdZNtpeXhFRddUdyzMaA7nj5f4XlYWdUc5tcHpJu58AA14iQOs1FLyAF1UwM-1sWDrh6IHM-YKx5PZmhP2Wau-2-5LeJYuBq6j-_i7iAFnyes&sig=Cg0ArKJSzI1fknbuLIC1EAE&uach_m=[UACH]&adurl=
Frame ID: DEF9C79D90F4703CE7D218F6AAA7434A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRfzQiwbfPHGrwljxX_E1QeN2wPwVVgwWLet9ac4tvpl2RGpSWsLLwqyeBaoBqTllOBn5aiSilYVzF66QWM6lpnes_uaD4B0bcCrev_p2rY2fFeinDMrHuZwZlYVbA45BcaTsDBt7bHCIWRRl2Xhoear5J-sp0OAKQux9JATmGcSJ39QMHhzs9KdkYHrUfqUWKqDrZUNkg7qsAxbe0D-rCRR4-ThxLU0RX-WWACIJmaJo3Dq6BXmlfUDDFyj7TWpBo8UWCvuqL2803eheCVRwZewbFsR_4YT74kBUV3bWm0D03ndl1S1XLJCJYeQjX8NIoKA&sai=AMfl-YQdgXt0gU8k6bPHPytLnWLHDxCTcuiKxOOjjiwvihK6zE2r1nin4xcZBRRc5GnkZ9zrIQjooMbyxp90HmHZJUOw-YHCxFzTppaoaXilorhgqKQbQ3UUtxjxvAVtQFdR22dZWO2aNybFR_W2qL4DaIw&sig=Cg0ArKJSzMf00tZnq-KVEAE&uach_m=[UACH]&adurl=
Frame ID: CAA7C28242BEC0727B62D674EBD2182C
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
Frame ID: 1A2A19A60CF4005C164238309B2726AD
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfxrGIQMoBmSyXpKdm8len6Jot-B8qfDjckGA4a-hL530YzLw0TK0ITM6rnTOPLkf0okWzs4wG4Dd_veimoxu-Ao1Yhjbi8DfCj5Fb6KqC3SM5IpDrlKuFyZDJo5CidgXANc1u55WMd1SsIvedTsnttzJ-VKIVh43gggRFKay-4t8Slk7lx28t6zTaMwAt_8ZojfOBWTFoIObzcs795Gv3vlDVRuPFXtWdZe4ok45NZc3J5wEmEd2W8NHdapda9pmGrHdNmc-pLRZw3zpb7DZ6vOtinCzDgjWrqgckvqFk91p1vqt4ejefiuqQeVfv2IysxQ&sai=AMfl-YQ2nGnuAfMe7pDJ032dNqTOA9LvMyLL4yi47w4qYLggKPPIrCF83f3aOXojwTC0WnzfMnIv5TsJNARIYktpG-zitXYipwHO3o0i2NXqK6a8_1MVAi4v0mfKA7BFINI7sRoGo6HZYAVDQDKLh7CCvEA&sig=Cg0ArKJSzNYkQQ2rqg7AEAE&uach_m=[UACH]&adurl=
Frame ID: 2D254F2DF210A7B80BC0879EAF2042F9
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 142BFE86C917110D1300206373E70079
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B906A7887F1D9BD14D3CC7745CD58895
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2C7751E0BAC192AF8E67FF0A6C4A01ED
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 155D80E8E1FCC96B6625C10C8F906007
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 2E7C1559D040A0774DD467904AFCA42A
Requests: 20 HTTP requests in this frame

Frame: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC411C6CDC0AE838FABBE7B7B36E7907
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0B8CCEFFDCA02B2FC46DE15EA64BA9C6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0EB7DE7E09218ED7C0020FA8957D05B6
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 4FD283F79F6AB209646FC13050588BCA
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 3DE949C0E4D497192BDAC84837DEABC0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js
Frame ID: 54C76A6116D4DD5F24F1055A1D8FB440
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
Frame ID: CC0230BF4EEFEA59E8C0469B77E70955
Requests: 20 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 88FEAA95B11D6174F5AFF889DDF9232C
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_3f2ac009.js
Frame ID: 851738A5D129374B33F16043489162B4
Requests: 6 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0,1!vidoomy.com,63457,1,1675136183751,,
Frame ID: D16AC74DE7FA12F57D7EAF1D3F1E2069
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B5238B28C7EFA5369BC07FB9246D7A5E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88185A4EF4CCA569C2D18E8FB2F115B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7F04B579FC6BACC2455A193D793CD0F
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9D305EF6-D522-44CA-9602-0AFDC25294F5&gdpr=0&gdpr_consent=
Frame ID: 9182EF73895E3B39624AE65AFA0A91A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a52363d8-8cc0-4300-ad55-d9bbdb25f936&gdpr=0&gdpr_consent=
Frame ID: 1F0B6B37E0829333BC4FD9AD19388B37
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: A63F1D403EED5087B069160C5C4E3597
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1963036234330670071&gdpr=0&gdpr_consent=
Frame ID: F584D955942EC9ED0C536A825783744D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nfPo-ZOj7vaG8-mkkvmh8Mqj7fSG-O_5yfkLu26C
Frame ID: B6AB14F49AFDC694906ED4CEB4A9C992
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 6B199B8EA5DAA7C26424CFBDD115CBD1
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: BEFBFA6EA141DADD0C1FF44383B743A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Star

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Aimtell (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.aimtell\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

290
Requests

84 %
HTTPS

0 %
IPv6

69
Domains

105
Subdomains

68
IPs

7
Countries

6360 kB
Transfer

16146 kB
Size

83
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://classic105.com/
Title: Classic 105

Search URL Search Domain Scan URL

URL: http://eastfm.com/
Title: East FM

Search URL Search Domain Scan URL

URL: https://kiss100.co.ke/
Title: KISS 100

Search URL Search Domain Scan URL

URL: https://radiojambo.co.ke/
Title: Radio Jambo

Search URL Search Domain Scan URL

URL: https://mpasho.co.ke/
Title: Mpasho

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thestarkenya

Search URL Search Domain Scan URL

URL: https://twitter.com/thestarkenya

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thestarkenya

Search URL Search Domain Scan URL

URL: https://myjobsinkenya.com/?utm_source=the-star&utm_medium=title-link
Title: My Jobs In Kenya

Search URL Search Domain Scan URL

URL: https://www.myjobsinkenya.com/register?utm_source=the-star&utm_medium=register
Title: Create an account today

Search URL Search Domain Scan URL

URL: https://the-star.co.ke/privacy-policy
Title: More info

Search URL Search Domain Scan URL

URL: https://cookieinfoscript.com/
Title: Cookie Info Script

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=62771591.5040565361494485011.27904886 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=62771591.5040565361494485011.27904886 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-WHdeikdE2plWY9PrzM1DO5PWfKJOclY0IYT4UA--~A&expires=5&ssp=vidoomy HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed

Request Chain 101

https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-V1Z3h1dE2uFvYxSl9LS3MvrLVtk3mKyaFRnZ9FE-~A

Request Chain 174

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b330ed9f-50e7-4b41-a9f6-bbf499f738e4

Request Chain 175

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Q5ltcmy75vA

Request Chain 176

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=lPAv2QEw2zo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D

Request Chain 177

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2537700921132714778

Request Chain 178

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Vupd6VjcSsdIUm7MYzPc7nRaSsU

Request Chain 179

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d23b58aa-347e-4b12-add3-4f322c0a9f37

Request Chain 180

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=MzMKBWmmScU

Request Chain 181

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=rU6QyD6aLFo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D

Request Chain 182

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2465643327094786842

Request Chain 183

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s5_ldl2_QNlUf1gD-IKTmnRaSsU

Request Chain 210

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 219

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a

Request Chain 221

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
https://a.tribalfusion.com/i.match?p=b30&u=diICJj0iUVY&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b30&u=diICJj0iUVY&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662253695692628

Request Chain 222

https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA

Request Chain 223

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i

Request Chain 237

https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA

Request Chain 239

https://sync.1rx.io/usersync2/lkqd HTTP 302
https://sync.1rx.io/usersync2/lkqd?zcc=1&cb=1675136185064 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8601339335 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8601339335 HTTP 302
https://sync.1rx.io/usersync/tradedesk/f39b6373-c74c-48ac-9e79-26cc6c86044e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004 HTTP 302
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004

Request Chain 240

https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=da43dbfa-d408-40ff-b16d-0a877e6d242e&user_group=1&ssp=lkqd&bsw_param=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed HTTP 302
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253D7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed HTTP 302
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed HTTP 302
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed

Request Chain 241

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=23a04e66-ede7-4541-a01b-4d7e1bf6dda1

Request Chain 242

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f39b6373-c74c-48ac-9e79-26cc6c86044e

Request Chain 243

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=6c483055-7533-4ef4-bedf-d032975e7ceb

Request Chain 245

https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2283198874896024021

Request Chain 246

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=e04f504a-8b81-4922-bc06-4c098c9c42b9&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=e04f504a-8b81-4922-bc06-4c098c9c42b9&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/e04f504a-8b81-4922-bc06-4c098c9c42b9/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F HTTP 302
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=e04f504a-8b81-4922-bc06-4c098c9c42b9?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=e04f504a-8b81-4922-bc06-4c098c9c42b9

Request Chain 247

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=Y9iMuwAABdlZIwBh HTTP 302
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y9iMuwAABdlZIwBh&_test=Y9iMuwAABdlZIwBh

Request Chain 248

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=SddPgjnMZvN4&ev=1&pid=561322

Request Chain 250

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0 HTTP 302
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i

Request Chain 252

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a

Request Chain 253

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118 HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&ct=y HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a HTTP 302
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a

Request Chain 254

https://s.ad.smaato.net/c/?adExInit=v HTTP 302
https://s.ad.smaato.net/c/?adExInit=v&cookieCheck=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=da54b067

Request Chain 255

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTMxOGY4YjgtNWQ3ZS02NTc3LTZlY2QtMDUzN2U4NWUyZDI1

Request Chain 289

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,

Request Chain 307

https://c1.adform.net/serving/cookie/match?party=14&cid=9D305EF6-D522-44CA-9602-0AFDC25294F5&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9D305EF6-D522-44CA-9602-0AFDC25294F5&gdpr=0&gdpr_consent=

Request Chain 308

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a52363d8-8cc0-4300-ad55-d9bbdb25f936&gdpr=0&gdpr_consent=

Request Chain 310

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1963036234330670071&gdpr=0&gdpr_consent=

Request Chain 311

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nfPo-ZOj7vaG8-mkkvmh8Mqj7fSG-O_5yfkLu26C

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nTBe9tUiRMqWAgr9wlKU9Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 313

https://idsync.rlcdn.com/420486.gif?partner_uid=9D305EF6-D522-44CA-9602-0AFDC25294F5 HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=c6bbf52aa6e7d705492908579bb90969e9ba0f60758b9967ab67beba1fccd4ff791426b5417dce21&_=2 HTTP 307
https://pippio.com/api/liveramp.com

Request Chain 315

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzMDVFRjYtRDUyMi00NENBLTk2MDItMEFGREMyNTI5NEY1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 316

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJoj0Z3KQk47UOsrJwEgCg&google_cver=1

Request Chain 319

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f39b6373-c74c-48ac-9e79-26cc6c86044e&gdpr=0&gdpr_consent=

Request Chain 320

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9D305EF6-D522-44CA-9602-0AFDC25294F5&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JItWvr5E2uUdFqsqm9hARYH_kESEm7U-~A&gdpr=0

290 HTTP transactions
46 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.the-star.co.ke/ 353 KB
49 KB 2050ms
1419ms Document
text/html 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-star.co.ke/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77088a9ab0b797f2f8033aa1c0f531c7b22b206b78ef167a79b9b3b03f3ae3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 791f66c2fe81a8ad-SYD
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:10 GMT
expires: Tue, 31 Jan 2023 03:36:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9jWD7E2PxK7gdPTJiQGBhUEyaoI0AB4a4ZtNsqwDQMmhQAoKzIgV9UEydOwcue5QtehEeOlHg3tum6XPArmpiabVnq7QJaFLfLMr1SPQinX4K8dL7SjZpjm0renyjhmZfZ8o9o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cloud-trace-context: 7ca1783b7235c002e17ac0206b064510
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 828ms
281ms Script
text/javascript 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

sffe /

Resource Hash

f30393cecacc3c7121787644e1b59663b8a24455818b9c55b5d9d7f3de5e0d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27555
x-xss-protection: 0
server: sffe
etag: "1468 / 15 of 1000 / last-modified: 1675119935"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 03:36:11 GMT

GET
H2 200 priority.75c6ecdc078e20fc1da8.bundle.js Show response
www.the-star.co.ke/build/chunks/ 2 KB
1 KB 152ms
150ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/priority.75c6ecdc078e20fc1da8.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ff0a74af02c5fd32ced1f281f2ab9dc0c279e8f872f31301936a7e5b9b90b01

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11552542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"yXvY6A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhbvUtNuQtKoH%2BgkRxKhRYn45YIA%2BXfWzuTcFlvXoBaq%2FYr727PTUPfC%2FL78JNaGC8mntynySLA0WPJuBDuwBiiZG8YIp%2FaX%2F3XN0ks62AAOK350xCoZDXhD9UqVe9c5CE7FVfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: ae93df90ce984130a2c40d6284b259ec
cache-control: public, max-age=31536000
cf-ray: 791f66cc1e8ba8ad-SYD
expires: Tue, 19 Sep 2023 10:33:47 GMT

GET
H2 200 priority.75c6ecdc078e20fc1da8.bundle.css
www.the-star.co.ke/build/chunks/ 365 B
488 B 153ms
151ms Stylesheet
text/css 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/priority.75c6ecdc078e20fc1da8.bundle.css
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0e0a7a96cb99a0c3b5693f6d8c0210a0b945c9feeede5851e5aa4a7c9920672

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11552542
cf-polished: origSize=366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"yXvY6A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlBB1Qnu5bW08J9F15hAfPjvcY0oMBEgqexg6yuShDmvAbVrN4OmHMQ2VEsSYO%2BVPL75afa7gCTi%2Fj974TU6iYszhVKZ%2F%2F2n9dfmx9yRcQx2YkmnUFi%2FwZb4XciBZmP9WzKxA9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: 5341b900ebff117a67a6451efed08878
cache-control: public, max-age=31536000
cf-ray: 791f66cc1e8ca8ad-SYD
expires: Tue, 19 Sep 2023 10:33:47 GMT

GET
H2 200 entry.b723c523bed74f30766d.bundle.css
www.the-star.co.ke/build/chunks/ 182 KB
26 KB 173ms
172ms Stylesheet
text/css 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.css
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30eb99425a0afc0ccc7802996844c817100b8cec24009e6dd98f531ea3829a44

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6094189
cf-polished: origSize=186832
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"CUsMtg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEfSdIbFVKwES9DcSVDz%2FGdy3Hdon0dHQid6HI9fzcM5gXKcihs725d%2BTDZ0wziRs%2BvQObE46DZhjog7icnyXp4sClm0rK%2BoKHPC0U4zvoosc4xWYOzy4JbvGjO%2FUPPY1qZYPYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: ecc3801a877ae1885290ad52fdad80a9
cache-control: public, max-age=31536000
cf-ray: 791f66cc1e8da8ad-SYD
expires: Tue, 21 Nov 2023 14:46:21 GMT

GET
H2 200 section.aa88f88387d06b738191.bundle.css
www.the-star.co.ke/build/chunks/pages/ 92 KB
12 KB 157ms
156ms Stylesheet
text/css 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/pages/section.aa88f88387d06b738191.bundle.css
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e98ef142a087c8c7da0afd1c303dc1e7f2e6e9eec1e8fa8a9448d35f38fcd8c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5808134
cf-polished: origSize=95116
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"QRnG8g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7Tk4Uv9xDc3%2FrnEOhmgmVIZAqBQIy6MDo%2FW1rF2JTkFnSzp0RfHU71lJBcPMYYgXfRS0zVSOREu9gFQKYFFzE4ftRHlrueQSJGuYj1IPi8cby97tyNq1vcVPsdA4kdKHVJ%2Bta4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: 3bdd16e844992452a1090126ba0ae885
cache-control: public, max-age=31536000
cf-ray: 791f66cc1e8ea8ad-SYD
expires: Fri, 24 Nov 2023 22:13:55 GMT

GET
H2 200 cookiestrip.min.js Show response
radioafricagroup.github.io/thestar-resources/ 7 KB
3 KB 965ms
321ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://radioafricagroup.github.io/thestar-resources/cookiestrip.min.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

d3de7488ac6723f0788c9a774701fa787e513a6b03ea875b6ea5c3ae5e2b426b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-fastly-request-id: 429003e681ab9db8178ad88a6ab8224d65a6a92f
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 31 Jan 2023 03:36:11 GMT
age: 588
x-cache: HIT
x-cache-hits: 1
x-proxy-cache: MISS
content-length: 3000
x-served-by: cache-fty21325-FTY
last-modified: Wed, 06 Nov 2019 05:46:31 GMT
server: GitHub.com
x-github-request-id: 80CE:42F1:D9644:118043:63D84BA5
x-timer: S1675136172.836821,VS0,VE2
etag: W/"5dc25e37-1de8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Mon, 30 Jan 2023 23:08:45 GMT

GET
H/1.1 200
OK the-star.co.ke_20870.js Show response
ads.vidoomy.com/ 4 KB
4 KB 1026ms
349ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/the-star.co.ke_20870.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: a07302fb9190ea264e3c9ea0041e374b3c530e696f34b08e1ddce8b38b56e2a7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:11 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 3937

GET
H3 200 u_search.png
www.the-star.co.ke/publication/custom/static/ 432 B
951 B 148ms
147ms Image
image/png 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-star.co.ke/publication/custom/static/u_search.png
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8767a153c7e72f2c42693bf86cda7bb2613802be672e650a3ff0809cb1527aef

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3535
etag: "SGz6VQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPg55AfWtAJJjQ76EQOgiK%2Fs2y8xFmYP4%2B8rZ0NfZSyytPRggwq3YSbJlXL45md%2FuVKupssF6e%2BCgS8yK1TO2T25mRsRTBS56SKjkqtP%2Fr8XB5nkIbWL4dUC6QVDRmdXipjn5yU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-cloud-trace-context: 278ca0e8653fbb02c66db6bd332aac63
cache-control: public, max-age=86400
cf-ray: 791f66cd6a56a864-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Feb 2023 02:37:16 GMT

GET
H3 200 logo.png
www.the-star.co.ke/publication/custom/static/ 14 KB
15 KB 149ms
148ms Image
image/png 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-star.co.ke/publication/custom/static/logo.png
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dc41532218c4aedb2e069256335e97cfce9ee7307fd71530240499636493fca

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 73154
etag: "SGz6VQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WMV2ZSp%2FKHcRxyZV3%2BGdXCo0fn1YpYH1d5jIvYIUdfpoUwAljfmy3hw3n78LZ5kmB8YzSmWhLkgBoIMmbo8y82m1rs00AVSI%2BUHSQ3CrnwOmAfNaR80YeJo27dIWc2%2F3o7bUEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-cloud-trace-context: fd05d8ef33640adcb6ce732eaee4cfee
cache-control: public, max-age=86400
cf-ray: 791f66cd6a57a864-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 07:16:57 GMT

GET
H3 200 fi_user.png
www.the-star.co.ke/publication/custom/static/ 980 B
1 KB 432ms
431ms Image
image/png 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-star.co.ke/publication/custom/static/fi_user.png
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498340b5ce57af046941ab37ea458fa90fb70d7561fd4507db89d6510c7bdde2

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27358
etag: "SGz6VQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvGqQUk4nljNkOR%2F5OwvrqoRtU%2FX2e7to2rxsg4UtLluJWMc4wgsQX5OUj3lMyMDTELfwNc7quvskgUvVE2BMMBbBN8UzH2CRvDnO5VIR3wQf3h5vvUXcWz5vfISudSQsXuLnPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-cloud-trace-context: f4159aacc4e5a92ad044422e041cb6c5
cache-control: public, max-age=86400
cf-ray: 791f66cd6a59a864-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 20:00:13 GMT

GET
H3 200 email-decode.min.js Show response
www.the-star.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 144ms
143ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.the-star.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ce6a10-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzkVhoJFKJzrMJNpE6RfYpzMhSQW4FLseIdFRQ%2BFa%2BN4f16CIAuJWEeMJWax7jDKFKxSNKMLGzXrL5XacKL%2B1LQlODCJhFFnN%2BGRc%2FhB4CVKOAVKtAONc16kOVI8xrYJ6bcwR6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 791f66cd5a4aa864-SYD
expires: Thu, 02 Feb 2023 03:36:11 GMT

GET
H3 200 main-padlock.svg
www.the-star.co.ke/static/ 2 KB
1 KB 289ms
288ms Image
image/svg+xml 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-star.co.ke/static/main-padlock.svg
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 498d521089ab4acd1cae9ffcc81f4fafec6c3f5a0c2c167af2c23bdfa2a726c8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64458
etag: W/"SGz6VQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxyBVLtuFBMcqfvG3Ck2YXq1S%2BK3wD0CCr%2B0VKc4b7SwrMuRTKSsQDuBiExbe%2B%2BoTUdmp2YL8g9S77%2FmplsbnquFxT80MT5fkCMiRn02d8Lo6ptaZYGd43Ki4x%2FDU%2FI2qqg%2FNLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 9bc0df019cd8a85e346339cb90c237c6
cache-control: public, max-age=86400
cf-ray: 791f66cd6a5aa864-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 09:41:53 GMT

GET
H3 200 css
fonts.googleapis.com/ 28 KB
1 KB 280ms
279ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

1700f83003b043d183ab54ed4925d06ec9f28639c45cd8444c85403acaeab533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:36:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:24 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/thestarkenya/ 583 KB
50 KB 969ms
319ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/thestarkenya/loader.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e21c71ae4fa46b01e4e9f37a9fca155ad13017e6319ed62406970e2fd011922

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: C8rpPywKpVNIetyJmXJ6iqcK0KUaEz2s
content-encoding: gzip
via: 1.1 varnish
date: Tue, 31 Jan 2023 03:36:12 GMT
x-amz-request-id: 1K176T5YS6JZ1CX6
age: 22803
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 51119
x-amz-id-2: YNjFDnOJpds/pKEHm/AH35jLxYqa3dddzcNnqE0BkJM1nEsb6sg8mfjqS93uXSPdULdikG4O7pU=
x-served-by: cache-fty21381-FTY
last-modified: Mon, 30 Jan 2023 20:46:54 GMT
server: AmazonS3
x-timer: S1675136172.414345,VS0,VE0
etag: "0f9037b1aa67db50d14b800fcf910cc7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 96
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 18

GET
H3 200 fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
www.the-star.co.ke/build/publication/fonts/ 75 KB
76 KB 256ms
256ms Font
font/woff2 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/publication/fonts/fontawesome-webfont.af7ae505a9eed503f8b8e6982036873e.woff2
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.css
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11515792
etag: "yXvY6A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLFWP2H836QYXIpko9QaUsZH4hRh%2FF8qp4OW%2BGJvd3AKg%2FgvYedZwmb7deosXTFTLXbt7M7aQGt%2BoFVqTtI%2FdlObQ4dgGD58JdI%2FXmAlh8MAt49t0djuo4HfgRfkhH9trdaOFzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-cloud-trace-context: 1b99584effc89aaed8d1417e8c726453
cache-control: public, max-age=31536000
cf-ray: 791f66cd9a8ba864-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 19 Sep 2023 20:46:18 GMT

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02a286f51c2cc8db5c4ae150ee356cbc2baad652752dfb46b7d3b88279f5101a

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93471f8fcaa396f4c9693f34b00342ac089480ffd19c533be533a79fa3612b34

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f6bb04bd8d807c70ba5e42230f3e4460172332df8e3d2c9f5e24d3fea0a579d

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b18abf622e5ca89d6857b234fb96baa6d4076dba63d732a40b1014826d54774d

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7676f6dc117d2a5a2d5f2dd09fd5996029cdcf282474b9033dcfe4056b7f53c4

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72ab663925ecacafce058db542850be48a01953885fd418c1ee3717193c9bbb4

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 998 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3ecee88b825e4352286390755db48f1d97260c3699abc8707f3eabe5719c58f

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 925 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db00a6f537160d74a69e6c2743b95821a85edcb8b9d6f2a6dca060adcef9d914

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 473 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6278019f8667a088079e1e3884c4378e3863fa3f90aafbcc8a0a7a250c152bbb

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 550 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df46fee7df2f0328b26f123e6b5e0d53b321db72eef0e4d19aa28f27c1bafc1c

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 446 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32e821971814c7dd50dea34618b3181f45a9fdaab72bc529633725c190d2b9e3

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 E7yb-Kl8b5zu98Wb8GVKy0u2IpZ9F4hYLoaX99qhoR4kprbHsbM3LwM1E1hfy0EnJ6mE5qYaNGbhVAF9LKVBscAWvFLLpDRIwUq7yJgrfzE
lh3.googleusercontent.com/ 28 KB
28 KB 1214ms
664ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/E7yb-Kl8b5zu98Wb8GVKy0u2IpZ9F4hYLoaX99qhoR4kprbHsbM3LwM1E1hfy0EnJ6mE5qYaNGbhVAF9LKVBscAWvFLLpDRIwUq7yJgrfzE

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

2333d0173ac8b2e628442051e06b3fcb3936b926f8f68859ddfe7daf4dd8f005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28742
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 15:21:33 GMT

GET
H2 200 rYHnGU2V2bdRljfe9f_GfZTY0c6GFP_zbd0Ct6WEe4nWe1eexcJYB6IfG2mbE_Jjqi8gvZw9h4opu1GileYcQCfcWcHI8ELOMRC-z_5b
lh3.googleusercontent.com/ 40 KB
40 KB 1607ms
1057ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rYHnGU2V2bdRljfe9f_GfZTY0c6GFP_zbd0Ct6WEe4nWe1eexcJYB6IfG2mbE_Jjqi8gvZw9h4opu1GileYcQCfcWcHI8ELOMRC-z_5b

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

4ddbf0e16b17cc509f5115978a429b5c5284737c14e343f3fdcacf581e4f31bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40845
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:36:12 GMT

GET
DATA 200
OK truncated
/ 554 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a89d2c69775979c29ab9d55557dab76cd0533c54adc2a55f695dcc70dd6f235

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 397 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8019791a1e0c4e998cf012762453416a76ad50d6c5c985e708aac7be1ddb90e

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 514 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e2b3552bbcc9262e03663e73510fe2439312a0bf71142aeed74e0686637fc68

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 450 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbf6767dc875423191ba05f826ac2ecde67adfb307ef2f22ee2d3537a7691779

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 456 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b9c86af394e4b0b68f4289ee3c470e4fe7bb00512785f3cfd2b7ac6c46c02b7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58d93976daffda99c0d5376685a3cb1db6c86babccd917877b94053c070e4021

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 435 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e985d74674d328f85767b80f077954a6161b2b01eeda268b0f218ae5757e29e3

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 447 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 682b93e5bdfe8f2ba981a9bfe9ac3f01339242e50425b291ff7e74042a0fade5

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 402 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55716a9b6c89a09e68a65538f741fadd01ac7998637a9d8be1f31bb790bc7351

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 412 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 396890d2e339fa48ba1219be36552031a454f95fb9dd6fee61f4de566c78c91a

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ac01481db183c8e49fc4e1121e3c3b414edf0783b59a37cb8078e469dbf2939

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 514 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86f3e50f85bccd868e53f9f31010fb268f1b4f06918dc08a0186a80b52688b4b

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 404 -NN0ChoxL-eV16Tf7f8Q Show response
polls.the-star.co.ke/polls/embed/poll/ Frame 3672 2 KB
1 KB 976ms
320ms Document
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polls.the-star.co.ke/polls/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a98064cca8a7895059d086c2ef279d92d1e68161bc4e7f0f72fa0c4cd7788ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://www.the-star.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: gzip
content-length: 777
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:12 GMT
etag: "3bcdb91403e0461fadc21e1da419335c9f1b2a93b7b68a6f0abb4515f6365fa6"
last-modified: Fri, 28 Aug 2020 13:18:13 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fty21341-FTY
x-timer: S1675136172.062682,VS0,VE1

GET
H2 200 bl_Aj15B-Cn8TugYIjm6BZHUGyjFlN1ERRNit3fb5k8jd_PPPUjgzx1Zp8X3JUHFd1bmC_ziSbMwC0TFhww91jcHMKOqY02k4OeLsbFMVg
lh3.googleusercontent.com/ 34 KB
35 KB 1491ms
941ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/bl_Aj15B-Cn8TugYIjm6BZHUGyjFlN1ERRNit3fb5k8jd_PPPUjgzx1Zp8X3JUHFd1bmC_ziSbMwC0TFhww91jcHMKOqY02k4OeLsbFMVg

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

5176e48ae687ff2ecb6f7f1c75fbe3030ae67ce26a072ae0b84814b586b41a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35281
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:35:18 GMT

GET
H2 200 dPzQDIsMx3Dc0uDsCnR01LLDR_IIOM7m2OUw88SW3mSrw-aWh1fgHU8wNuXo66SRq5kM39m3tf7tVJqC04KPTe_7i0qjAlAouO69GEUNRQ
lh3.googleusercontent.com/ 32 KB
32 KB 1236ms
827ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/dPzQDIsMx3Dc0uDsCnR01LLDR_IIOM7m2OUw88SW3mSrw-aWh1fgHU8wNuXo66SRq5kM39m3tf7tVJqC04KPTe_7i0qjAlAouO69GEUNRQ

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

21fbb11f704d2c8cb3d378a01dbd61acbe298d6af3258e052551a7b29c6b478e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32685
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 23:13:30 GMT

GET
H2 200 ANB58eUncD-kboapjntNMBJe3qSiYWjVBIRHUnCfQYcM_wAThvtLsTX-rJshQArkd8HbChuIy2i2Kr18K_S1DzTs_8FtXkxAzE3zNe22hA
lh3.googleusercontent.com/ 46 KB
47 KB 670ms
274ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ANB58eUncD-kboapjntNMBJe3qSiYWjVBIRHUnCfQYcM_wAThvtLsTX-rJshQArkd8HbChuIy2i2Kr18K_S1DzTs_8FtXkxAzE3zNe22hA

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

52bb4c7111183715cbad9a46de3b86fff85cb1d054ae7a86035c46a01a9c2952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6507
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47374
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 10:36:48 GMT

GET
H2 200 Dn94hdSc3sPyNyyaoq7sZCJSoOOZiz4tsbk0r3Zln1rRKyIbD8Rp06tlTA4S4-qLZojjbE6iKWX6ZlKJ0kWD365iNAM9-4KSnGqn23_fWw
lh3.googleusercontent.com/ 53 KB
54 KB 273ms
273ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Dn94hdSc3sPyNyyaoq7sZCJSoOOZiz4tsbk0r3Zln1rRKyIbD8Rp06tlTA4S4-qLZojjbE6iKWX6ZlKJ0kWD365iNAM9-4KSnGqn23_fWw

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

d66b5c46620d51e5c78a454725406cbb9596193331126bb6f60d904703ec91cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6508
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54672
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 16:42:27 GMT

GET
H2 200 dZs8B3i379CMv2DKGywryudSIQUEqhxHCoL8c4my1Z-Z7CtzQV2hjBFrNpHtGlAtRFmSvFH_Ilcv3Dvx_LjxeatdIykdPgvVbBPSIvA_NEY
lh3.googleusercontent.com/ 27 KB
27 KB 273ms
273ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/dZs8B3i379CMv2DKGywryudSIQUEqhxHCoL8c4my1Z-Z7CtzQV2hjBFrNpHtGlAtRFmSvFH_Ilcv3Dvx_LjxeatdIykdPgvVbBPSIvA_NEY

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

0d614fd3c369e198cf82a54fab5ee706a3ec6af2b6fdd18f175cb017fa90f00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6508
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27810
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 16:42:27 GMT

GET
H2 200 EhgCBf5W_K9uzsl0jg5LIWobOUlAs4FYv2KxK699aIPRe7JYh4Vxw2FqXbrPq4SXmTRr1Qto4SB-hIqwwblNeaSvg0pw-tMGAHPKM290Tw
lh3.googleusercontent.com/ 30 KB
30 KB 273ms
273ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EhgCBf5W_K9uzsl0jg5LIWobOUlAs4FYv2KxK699aIPRe7JYh4Vxw2FqXbrPq4SXmTRr1Qto4SB-hIqwwblNeaSvg0pw-tMGAHPKM290Tw

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

7cf522faccd0bf290288a03b5f91bcf99780e307a9f439749b8714fd6902df4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6508
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31109
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:45 GMT

GET
H2 200 Xcypet3kOWsPIg94H0klv3lgsAly_fSYkWXUAqMpU6taO8hbgThzV2v0UrhwJ9JBFMhPwXxNeu4un6oo01kohvn5m4P9i3JxIKNn_a3Q
lh3.googleusercontent.com/ 43 KB
43 KB 305ms
304ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Xcypet3kOWsPIg94H0klv3lgsAly_fSYkWXUAqMpU6taO8hbgThzV2v0UrhwJ9JBFMhPwXxNeu4un6oo01kohvn5m4P9i3JxIKNn_a3Q

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

6406a4add907e7ba6b46851af2e625eb5e059d1b730a77e679c408643520b23a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43767
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:36:13 GMT

GET
H2 200 _fWv4aET4p6kBIvovWuoVsFd_7R1FksGbvZ1u8AFveiM9GRoldSkfsfX3_u2aW4XdG8bbU25e91L47e1kZRylhCxEkLYel-bFXGcFBjq8A
lh3.googleusercontent.com/ 158 KB
158 KB 349ms
348ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_fWv4aET4p6kBIvovWuoVsFd_7R1FksGbvZ1u8AFveiM9GRoldSkfsfX3_u2aW4XdG8bbU25e91L47e1kZRylhCxEkLYel-bFXGcFBjq8A

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

5d147349060448cef253af7314c5633512dcaa7af91ff2e451557c1d2270406a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161693
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:36:13 GMT

GET
H2 200 PFxkngOEXTUh3X-uvcsx2x1uAfojU5KBZ5gSA6cM02j88KxYOQcLN2DEU4YjSl5pN4bDZfKV_uRXfFwnGJlRRmD_sqhQw3l-G15lBzNA
lh3.googleusercontent.com/ 297 KB
297 KB 317ms
317ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PFxkngOEXTUh3X-uvcsx2x1uAfojU5KBZ5gSA6cM02j88KxYOQcLN2DEU4YjSl5pN4bDZfKV_uRXfFwnGJlRRmD_sqhQw3l-G15lBzNA

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

a0ab00830b6cf8c39df374e5f83a42388e55b99235da17ab315c848b4d83e282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303889
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:36:13 GMT

GET
H2 200 FYY0XV2s1kG8gMDyiX31pZNT9KzDN_tvsfY2b_75GIMLOHF21hr3N3R4NyrVYRfbXXbINu4jHKWkZ3ySsJoi4h7GCvVwa0MVxqksQwMw
lh3.googleusercontent.com/ 39 KB
39 KB 483ms
483ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/FYY0XV2s1kG8gMDyiX31pZNT9KzDN_tvsfY2b_75GIMLOHF21hr3N3R4NyrVYRfbXXbINu4jHKWkZ3ySsJoi4h7GCvVwa0MVxqksQwMw

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

1c0972f196443730c293a5833debba43e77cb8d3c92569c316e0d7ec4c99dca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39858
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:36:13 GMT

GET
H2 200 qoC0Z8a33rFpNifqqCI9-Q42lciNqDYlcFAhQDlXkdw-h2A0EdM0cRKscuFemVy4vin3IecB8pUTFnl-ztkUX6_g6w2gly78rl5w9QOT
lh3.googleusercontent.com/ 200 KB
200 KB 523ms
522ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/qoC0Z8a33rFpNifqqCI9-Q42lciNqDYlcFAhQDlXkdw-h2A0EdM0cRKscuFemVy4vin3IecB8pUTFnl-ztkUX6_g6w2gly78rl5w9QOT

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

46aa36987712e6193aa86d06a12a467168885a12db8c9e863f0188e78e6df0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204319
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:36:13 GMT

GET
H2 200 WrXht7JyaRHLL92viDxW88KtN6HPmNHtd6y9vVUEGTZsiDKii6m_j2Rh8uJQ93whmbbS2R9Od9HBvwg-HFKL4vE97bbZT_57tebtXadS
lh3.googleusercontent.com/ 45 KB
45 KB 505ms
504ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WrXht7JyaRHLL92viDxW88KtN6HPmNHtd6y9vVUEGTZsiDKii6m_j2Rh8uJQ93whmbbS2R9Od9HBvwg-HFKL4vE97bbZT_57tebtXadS

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

45c27c944b3a25659c79f3ad20bf80ef9889ebbc2845ae85a7c2c4fffa8c9e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6508
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46451
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:45 GMT

GET
H2 200 -_lfgRxj1KQIa839zfS0dFWgea0WuOtV21Z1XUi8CEIkM9ag8_QJPy8SQr_stfRp1wIeLLuqWpUAuh5FUhLu_8AlYeilN7aGANkOtE1U2w
lh3.googleusercontent.com/ 42 KB
42 KB 487ms
486ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-_lfgRxj1KQIa839zfS0dFWgea0WuOtV21Z1XUi8CEIkM9ag8_QJPy8SQr_stfRp1wIeLLuqWpUAuh5FUhLu_8AlYeilN7aGANkOtE1U2w

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

4336d55222557ab42703e451fbe9e0c7a733539f215b141f737ded1ef16fd19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6508
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42755
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:45 GMT

GET
H3 200 Y-iz-yO1zXL-kRvUGIRU269e-tWdJaWKGdX6c3NMrFQuYUTW4I5pqPN5cNUsZHVyAP47eNxqBXuSBYcxlE3d9mYS_NdIk95WSaSIEJCBwQ
lh3.googleusercontent.com/ 29 KB
29 KB 275ms
274ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Y-iz-yO1zXL-kRvUGIRU269e-tWdJaWKGdX6c3NMrFQuYUTW4I5pqPN5cNUsZHVyAP47eNxqBXuSBYcxlE3d9mYS_NdIk95WSaSIEJCBwQ

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

95a8196bb500551a81a2cbb07a3066f4e37eb80b90a5d2a5cb8fb1192eceaff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6509
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30123
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:45 GMT

GET
H3 200 sHuo9WtWbqkwB2vLRC7dOsW0lOF_bHd8izkDdh7MZPRKkLBlFN_rOlVVJot2PuGTV9P_l8kC_DWlW7eO5qQYmVROdbb1ReMtKe7o5oN6lLs
lh3.googleusercontent.com/ 131 KB
131 KB 286ms
286ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/sHuo9WtWbqkwB2vLRC7dOsW0lOF_bHd8izkDdh7MZPRKkLBlFN_rOlVVJot2PuGTV9P_l8kC_DWlW7eO5qQYmVROdbb1ReMtKe7o5oN6lLs

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

75c8b28b94825551390e4a0bee1a85ce76d191c6ff9e03a3b1e31b8f1efedd3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6509
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134149
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:45 GMT

GET
H3 200 yDNZBlHRB8Df6D6YA6UxAqYcPyU3FwfYTgxEY1B-9qmLYa-M9UgldRF9B1Wkf05lVZNL1tV3B1Tn6j8gNsRdXV57Kh9LdBKLnU2ovhg7ALw
lh3.googleusercontent.com/ 51 KB
51 KB 450ms
450ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/yDNZBlHRB8Df6D6YA6UxAqYcPyU3FwfYTgxEY1B-9qmLYa-M9UgldRF9B1Wkf05lVZNL1tV3B1Tn6j8gNsRdXV57Kh9LdBKLnU2ovhg7ALw

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

b889cd4be09bec30d99de26961d2e3a4c1fc87c187ab9326caa70d9b97ca9d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6509
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52102
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:45 GMT

GET
H3 200 DhSo9ScLllM99RvdUJ2ycm4cKO34DC9D74Tngp7DzlovJ0i0ITGtcI0CWzCztzjp9tkPzSGTMtTbUfOiafsgipt94eLEUzgslomXrzXUZA
lh3.googleusercontent.com/ 59 KB
59 KB 564ms
563ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/DhSo9ScLllM99RvdUJ2ycm4cKO34DC9D74Tngp7DzlovJ0i0ITGtcI0CWzCztzjp9tkPzSGTMtTbUfOiafsgipt94eLEUzgslomXrzXUZA

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

f57b087063d1be22653ab9579eae1e5c640bfc7654d182d5b5ef55110f63c266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:45 GMT
x-content-type-options: nosniff
age: 6509
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60150
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:45 GMT

GET
H2 404 xgreen-logo-ss.png.pagespeed.ic.ZEI47I_OoG.webp
www.myjobsinkenya.com/images/ 0
0 1108ms
488ms Image
text/html 172.67.188.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.myjobsinkenya.com/images/xgreen-logo-ss.png.pagespeed.ic.ZEI47I_OoG.webp
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.188.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 993 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6de586436796f02a3c1542ca2a34750b74d0f6d9994f7db2d17cb5cf3d693710

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 935 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36cfe83202abb5473b2f38aa1fb8efca4f689b3eff8f52387c095886f43b8d9

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 007ecdab25d33df45aaa870060b31044017b63613270373867c3e4b4bab0e0a0

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 466 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36c8c49511f02f28b45b94fd621b747c835ff7850534361219632d0290cde85e

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aec250d7cf971477a9f08c25ea4188c178a48d0288c70d397e5a2124e4dc051f

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 453 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a25b4ea2db2c4dc1844de60c4c250d48cc20a763f4a973b890d7c5b5ad15488d

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H3 200 21eGCfVZC35N90LP2asRXCTNQ54KUINcknbi7Vtc4mxUxjZvYJdl7sRHCheeuQQXfTOsEx4eRjbWdIIe4GjbqHNKvU1eHblNra7f-TCJbA
lh3.googleusercontent.com/ 27 KB
27 KB 554ms
553ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/21eGCfVZC35N90LP2asRXCTNQ54KUINcknbi7Vtc4mxUxjZvYJdl7sRHCheeuQQXfTOsEx4eRjbWdIIe4GjbqHNKvU1eHblNra7f-TCJbA

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

981f6a227a100ee1b02f2c108bacf0ffae43c43913288aaa98541502d953607c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:14 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27902
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 14:35:18 GMT

GET
H3 200 f7CcinJMjURyWF7ZTQmvdWHPqtX_i8zKrhrJAfQJ9LdY6DfsvTaM4mPM6YgY0zmunpjehGKtNGbtETpn9fRzvXVGG2MjVYfcuOlWiCR2
lh3.googleusercontent.com/ 28 KB
28 KB 373ms
372ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/f7CcinJMjURyWF7ZTQmvdWHPqtX_i8zKrhrJAfQJ9LdY6DfsvTaM4mPM6YgY0zmunpjehGKtNGbtETpn9fRzvXVGG2MjVYfcuOlWiCR2

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

b016a04f77d6df226388f83da13a6a20e63dd7c895b3e8cf5f556a87ac269958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29043
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 16:42:26 GMT

GET
H3 200 3jvG4fSYW8-X8nqiw3sfQXufzw9cg-v8A4HASpj7C-E0qUCR3pzPz8ApWzrIhYlfUqhDnl7WRkgabW7xYpesQg7LPYZjLSjxCd2-U3IVjPI
lh3.googleusercontent.com/ 30 KB
30 KB 336ms
335ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/3jvG4fSYW8-X8nqiw3sfQXufzw9cg-v8A4HASpj7C-E0qUCR3pzPz8ApWzrIhYlfUqhDnl7WRkgabW7xYpesQg7LPYZjLSjxCd2-U3IVjPI

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

14939db9e2782d32cbc874d2f5939aa07753edf244352773c43ca33ac30bf16a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30885
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 23:13:02 GMT

GET
H3 200 Vqccy_L6BGKxG36m4hTGctMNpKhYbI-ymSnrqPybZiVjGjOn1qfmJPZXCH5QhZ6CoFP-Ycy9hjqx6I-p1iiDgFTODaL_qwf3D4kyIMSZ
lh3.googleusercontent.com/ 41 KB
41 KB 355ms
354ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Vqccy_L6BGKxG36m4hTGctMNpKhYbI-ymSnrqPybZiVjGjOn1qfmJPZXCH5QhZ6CoFP-Ycy9hjqx6I-p1iiDgFTODaL_qwf3D4kyIMSZ

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

ad5f3238c5699b802b1840ca034b26ea86c55ec3735cc39c6e51ad871c08e923

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42465
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Jan 2023 23:33:17 GMT

GET
DATA 200
OK truncated
/ 407 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec76deeaba507c37f385155905b4c63e538eb3cfb2c9315aacdb02a22ad7379

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 442 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c339cfc899bb024241c30eb3dc84dc2dde32805c5f7d9632b2c1dada4c2b94e2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 575 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a20808156aa7fccc4a9662121d02894333ebd4195371027ba6ec6d9f1a786696

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2b11c4a7e28e22122ce2cfa4deec1eb76ab4879d644454a8297a616c2f0af90

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H/1.1 200
OK xyfkqvVtTBnP Show response
cdn.onthe.io/io.js/ 66 KB
20 KB 1100ms
544ms Script
text/javascript 139.59.55.128
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/xyfkqvVtTBnP
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 139.59.55.128 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: a13c674ab5700fe40ea77abbae8a8c8d7ff9aa6ec42c54e40f728306f2ae18e2

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 26 Oct 2022 16:39:30 GMT
Server: nginx
ETag: W/"635962c2-10730"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Wed, 01 Feb 2023 03:36:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
78 KB 1250ms
704ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YVV0QW5VF1

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

47d03df55ceeb354e3ef0fdb5adf4ffd51613228618ddfb3040336b5c1d040f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Jan 2023 03:36:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
52 KB 785ms
279ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9TCTMC

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

5cdf0e1a778ccd90c6656df0d6eb60b6bf574bc7a11a99b4418ea0ae1dd75c48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53062
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Jan 2023 03:36:15 GMT

GET
H2 200 heap-2240579796.js Show response
cdn.heapanalytics.com/js/ 110 KB
36 KB 817ms
270ms Script
application/javascript 13.227.254.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2240579796.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-18.sin52.r.cloudfront.net

Software

nginx / Express

Resource Hash

abe96ac79bcc4d6b86e449722bebecf96b9f8cf43745fe2b4d2d2d86999b91df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:34:59 GMT
content-encoding: br
via: 1.1 95d5bc8b4873ccfdcd27d17cb5965ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: SIN52-C3
age: 77
x-powered-by: Express
etag: W/"1b888-bvdzJUs5E5Rq7vbYkS1Uzg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cIfejpoNt8fC0BJRZQK-xO18-XJ2ddE_pA1dv8RKyuyiiutFi47DMg==

GET
H3 200 entry.b723c523bed74f30766d.bundle.js Show response
www.the-star.co.ke/build/chunks/ 240 KB
81 KB 212ms
212ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24ed15e9fb058e344618b8c7a68b56b5765ea51b1765fac3372a040955da6877

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 442242
cf-polished: origSize=245716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"SGz6VQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbOy0DQWnogpclPO7EA%2Fm%2B1UBhzGIxRxFtGlfDMYqTYGgCcb2OwrfrjRs226xg0th%2FoIiMVIU9aEFcSsa3UPSGfvzURHsbBAmoByGhQZtOq7m%2BNVwQPErHY8p0Dc7Z2mDp9nINE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: e161e4b5c4dfb990a188c06b580bbafd
cache-control: public, max-age=31536000
cf-ray: 791f66cfac7aa864-SYD
expires: Fri, 26 Jan 2024 00:45:29 GMT

GET
H3 200 section.aa88f88387d06b738191.bundle.js Show response
www.the-star.co.ke/build/chunks/pages/ 417 KB
80 KB 160ms
160ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/pages/section.aa88f88387d06b738191.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 539eb6d2511a5017738b539919b691bb7b2b7265b97b4f06673eef710612069b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5810045
cf-polished: origSize=427516
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"QRnG8g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3n0MmulmCRrui3HLtuhyea2CI6FRhqaH0wqciyS5AWy4sxhAzAuQsKWRLCBVpQoogdOCTPXRtNVPhEWOZzgGLdIs70qfWBMDIfQ3lQ6%2BTeaiFsF28inIArZQe6bupySQ6LkLe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 65dae610c1b465dfb2a7f6e1f0b0681c
cache-control: public, max-age=31536000
cf-ray: 791f66d0fdb3a864-SYD
expires: Fri, 24 Nov 2023 21:42:05 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8b65979a67907fc6136e6daaf927b495a387ae2acf80ceeac0b56cd16fd1b55

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e805b6e423e6b107b9a89230ce5d85c75e5706dc1ebe672b7aa474ea40b59b42

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 472 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfc3c01a4396b8665c185dd353721f7dac724bdd6d9ee0ce77dfe79f2b17616f

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 962ms
320ms Script
application/x-javascript 157.240.15.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-sin6.fbcdn.net

Software

Resource Hash

07f3800690af7b6f99f1b3a4b466b38be589e47990ee4cc772bd68921fbf9af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 03:36:16 GMT
content-md5: 6UtDUN0dFxgbHWcvnyiHNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: wqq1lOlKENioboyyNLpybz0EZcXl2mieffHGrlNosFJGQep6saIzoz1m2SdPIXn6H2WEB+FTAuJ7PGBN05eQuA==
x-fb-trip-id: 548340344
x-fb-content-md5: 9d84f88c819f8652eda43c9c6e179092
cross-origin-opener-policy: same-origin-allow-popups
etag: "e42059f7446138a3dd7ec7daeeba6e91"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Tue, 31 Jan 2023 03:36:48 GMT

GET
H2 200 pubads_impl_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 273ms
272ms Script
text/javascript 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

sffe /

Resource Hash

5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 17:06:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133524
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Jan 2024 17:06:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 304 B
164 B 820ms
275ms XHR
application/json 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.the-star.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

03064acdab807ad7d6a936b31b7f77cae92fdd216c2ea9a0ab392b734ca461a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:12 GMT

GET
H3 200 NAbHAtUjlf25oGxL_p_3eaY6jA1ete5FAA3HdS8KNlLbFhuBj_OCQWudrhaIJTn3fwDF6cbm93mfUcRSD47DxxPsdwOIGxVaegOFRUtA=w800
lh3.googleusercontent.com/ 91 KB
91 KB 273ms
273ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/NAbHAtUjlf25oGxL_p_3eaY6jA1ete5FAA3HdS8KNlLbFhuBj_OCQWudrhaIJTn3fwDF6cbm93mfUcRSD47DxxPsdwOIGxVaegOFRUtA=w800

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

5c384967e0e98775b927ba3e55939f6f983e9d55c7e903d8f94ebff83a4d9ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:47:49 GMT
x-content-type-options: nosniff
age: 6506
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92949
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:47:49 GMT

GET
H3 200 _v_VC4TukUJAEoUs1dANH-ictkg4Jy8PODdEgNoi8k-awHHDzpImzoyjEgdK5iGmjY6gwnDlyAj72KI_P42gkmhtPObYRo5DT42ggyOBnQ=w400
lh3.googleusercontent.com/ 28 KB
28 KB 283ms
282ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_v_VC4TukUJAEoUs1dANH-ictkg4Jy8PODdEgNoi8k-awHHDzpImzoyjEgdK5iGmjY6gwnDlyAj72KI_P42gkmhtPObYRo5DT42ggyOBnQ=w400

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

be21f21af8e2774f69562660a842c622dbe11d39d11a26e9958c049076b51038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:48:01 GMT
x-content-type-options: nosniff
age: 6494
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28793
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Feb 2023 01:48:01 GMT

GET
H3 200 AzL64XTlHHvobW-rBBImHOppieIuumRflOZZpRH9qBtUW_0hhrdbw4BLtvHg36B-1cRxt7RmAGVvCb6cBuXUJGSQ62M=w400
lh3.googleusercontent.com/ 27 KB
27 KB 279ms
279ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/AzL64XTlHHvobW-rBBImHOppieIuumRflOZZpRH9qBtUW_0hhrdbw4BLtvHg36B-1cRxt7RmAGVvCb6cBuXUJGSQ62M=w400

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

81be319efb8fcc7e13954b485504cce982eb5904693aee428986cd9c4a44b25f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:15 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27380
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 31 Jan 2023 23:13:02 GMT

GET
H3 200 ILMFXxlvaDa8L8fDwP3SBHbvu_ahsqQkdJKemEwGZrQYVDQJxl4RCbyVlxDruHYaJv_QnPopyC9a5M8SHBuEl60ZLxVqK7cAPFKVNvs_cA=w400
lh3.googleusercontent.com/ 39 KB
39 KB 279ms
278ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ILMFXxlvaDa8L8fDwP3SBHbvu_ahsqQkdJKemEwGZrQYVDQJxl4RCbyVlxDruHYaJv_QnPopyC9a5M8SHBuEl60ZLxVqK7cAPFKVNvs_cA=w400

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

7c44eb9a3596ee3cf1af26b1e6d0d43ff30a2244059ff47aba956fe973db2cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40341
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:36:16 GMT

GET
H3 200 4.c50610c086f75d05a105.bundle.css
www.the-star.co.ke/build/publication/ 29 KB
6 KB 148ms
148ms Stylesheet
text/css 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/publication/4.c50610c086f75d05a105.bundle.css
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b6a321a301b05f87c762c6d3309c7077b9aaafb5d7389f86bf42a79d823d2c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3457438
cf-polished: origSize=29691
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"XYOzlw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8Z21SMoltHi8y6g6CEDPh1%2B3Q4iNJ7cIi%2B0XaQSLDR%2Fu%2FV9vf4xuf4w4eLFrQZ3GYWdFISpUqPb02gGIdsI7DuzRjMGLE8PJk0OeNga1e7yABRlQo08seEltYejR9wc1wTXIZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: afc641098a0b0d8440bd2ff660b39dfc
cache-control: public, max-age=31536000
cf-ray: 791f66d3183aa864-SYD
expires: Fri, 22 Dec 2023 03:12:13 GMT

GET
H3 200 oo~d9aca0d0.c50610c086f75d05a105.bundle.js Show response
www.the-star.co.ke/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/ 194 KB
54 KB 157ms
157ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/vendors~base/app/edit/shell/shell.js~base/app/entry/entry.shell.js~publication/base/widget/dialog/oo~d9aca0d0.c50610c086f75d05a105.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a1331047fb3afa65f98be0248a07e6227b3f89e1f78e7311d93b417c0a7b366

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 442245
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"SGz6VQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWhdtZ5a%2BNTbmwHvZvP70nklI9ng18HovNLSSYn30nscATW9%2BM%2BzPdWK5pzNfLX5hhPOgsUjikIhjErrx%2FDriwZYrtgjYtNAzVToWnEThSaEuCon0Lqo%2FYBqEX3ubGOh93aB7yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 2962cb566ee494893d25ea4dc794317f
cache-control: public, max-age=31536000
cf-ray: 791f66ed6b08a864-SYD
expires: Fri, 26 Jan 2024 00:45:31 GMT

GET
H3 200 oovvuu-edit-dialog-index-js.bcd5bd60fc73d07e7502.bundle.js Show response
www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/ 33 KB
5 KB 152ms
151ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.bcd5bd60fc73d07e7502.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5ef89e903158b043bfcbaaf1e1a475b816e56e5e3887d5f5d99634eafd8458e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11552546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"yXvY6A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJRPcuW8TY0JziknFNppZI3zO9lJVoXm%2B3iSCg33Aw4W2pZTZtWSJ4Y%2Ff0bCfnFqw9m%2BZQF8Rr6ynT3PhWXfdYAYN%2BHNS8FsJcv95H%2BgKfbQ67gb0YidOEaML31WcRsF0V6vZeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 18f5f89313f622e7e9fc239676a07e7a
cache-control: public, max-age=31536000
cf-ray: 791f66ed8b25a864-SYD
expires: Tue, 19 Sep 2023 10:33:50 GMT

GET
H3 200 entry.shell.js.20f78fca8050147abf77.bundle.js Show response
www.the-star.co.ke/build/chunks/base/app/entry/ 11 KB
4 KB 151ms
151ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js.20f78fca8050147abf77.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c387c2370eed4d6430a3da7d4c0317aac9a3f9367cda0202f6e0928b9e12ae5c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11552546
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"yXvY6A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zajJn88GFEE6mQYmp2GcwSQtvUp2ZaeQ4CNXjtXGiD12cu9shvPgeG%2BBOYSUyw5cSthNicYMliWXbY4qe3I1H11k1srBlGlS2exUhnE1tVXUs5FZEi7cnGNok5AiYTu2uZKbJfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 18f5f89313f622e7e9fc239676a07e7a
cache-control: public, max-age=31536000
cf-ray: 791f66ee6be9a864-SYD
expires: Tue, 19 Sep 2023 10:33:50 GMT

GET
H2 200 issue Show response
www.mgazeti.com/api/latest/ 523 B
954 B 1808ms
1320ms XHR
application/json 172.67.218.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mgazeti.com/api/latest/issue

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.218.127 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a825e752347630a99f3aa66d5f79e1f132ecea81af55de109f964bfd5e6a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.the-star.co.ke/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding, Origin
x-ratelimit-remaining: 59
content-type: application/json
access-control-allow-origin: https://www.the-star.co.ke
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRugFtscsaMUzPOpvta4dEMx%2BcKjxc4XBXtZVONoZ%2Bj9sqn2kc%2Fg5h4XUnWKsS3VLfcv3J8JL%2Ff1Jh1QC%2BV3CcPf2RqW05Nz3zduck6VGSOMb2SLBH34RUQ0JJg8xaAgNbk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
x-ratelimit-limit: 60
cf-ray: 791f66d62cf8a8a7-SYD
x-frame-options: SAMEORIGIN

GET jobs
myjobsinkenya.com/api/fetch/ 0
0

GET
H3 200 entry.shell.js.d2f625b23227db67dd69.bundle.js Show response
www.the-star.co.ke/build/chunks/vendors~custom/app/entry/ 8 KB
4 KB 157ms
157ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/vendors~custom/app/entry/entry.shell.js.d2f625b23227db67dd69.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e21aa71f9cb4159176eb80c1c9677d75fbd1da3a028931a63fdb483d089cf3

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11552546
cf-polished: origSize=8666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"yXvY6A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ5%2FWOO6XYY7hSxgFIKPY%2FvatPTWa6h6jtghDoy64av%2BiuvOQOfJxdc3J0jlwXJMmxT0XUSYl%2FvY5Ri3wgRyqTc07O7iYTXGItFmZ3l%2BzVBtWyCfkXWwE5ug2O%2Fh7MyqmMe6tkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 18cd92bb9a31f5c230f720b5511a72b2
cache-control: public, max-age=31536000
cf-ray: 791f66ee7c02a864-SYD
expires: Tue, 19 Sep 2023 10:33:50 GMT

GET
H3 200 entry.shell.js.4f1efb808dc634734bc5.bundle.js Show response
www.the-star.co.ke/build/chunks/custom/app/entry/ 23 KB
7 KB 149ms
149ms Script
application/javascript 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.the-star.co.ke/build/chunks/custom/app/entry/entry.shell.js.4f1efb808dc634734bc5.bundle.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/entry.b723c523bed74f30766d.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82c2846e1cfc97ab99893211dd3c20de6c1dd0f6d1099cf362b1aad84faa0f2d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6723489
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"y0kcbw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLYzyCaNMsS%2BLJr0Pr9Wg8VfJ%2FUW7cAnUcpvz4ZK8XPVBk1c0jxScrN3dIp9vR7OwWwyje%2BiLYfN6PNrZIC8HIjehYQshPk4GHoKn1NQHbSSd6t1ErU%2FCMs%2FVbydC3ikV9BcSz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 758bbe6a8f3f3b56c7a750702ba50bea
cache-control: public, max-age=31536000
cf-ray: 791f66ee8c0da864-SYD
expires: Tue, 14 Nov 2023 07:58:06 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame C3A8 118 KB
35 KB 609ms
143ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
content-encoding: gzip
x-sp-metadata: HS256.CMG14p4GEogBCiQxMjg4ZTIyOS00ZjRjLTRhN2YtYjMwOC1kODIwZTA4NTZkNDIQ4LuY6t7p/AIaBgixmeKeBiINMTE2LjkwLjc0LjE5NyiS2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDEyOGJkYzQzLTlhNGYtNGMwZS1iYWQxLTM2Yjg3ZmFhY2E3Nhi1lwIiGAgCEhRjZHMyMDYuc3kyLmh3Y2RuLm5ldA==.eCuYQcALXF8XxRSnCXwuS21p+sgkfVAaI4usMm2MnaY=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1675136177.cds207.sy2.hn,1675136177.cds206.sy2.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame B26F 118 KB
35 KB 807ms
341ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
content-encoding: gzip
x-sp-metadata: HS256.CMG14p4GEogBCiQwZTIyM2E0Ni00ODY2LTQ1M2MtOWU2Mi0wOTBiZmI1MTM3ZGYQ4LuY6t7p/AIaBgixmeKeBiINMTE2LjkwLjc0LjE5NyiS2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGIwY2E3ZWVkLTFhN2EtNGViZS1hMmVhLTViYzUwMmUwM2JhNxi1lwIiGAgCEhRjZHMyMDYuc3kyLmh3Y2RuLm5ldA==.LKKBpjkGkmb4P+QWVAJCOKRunkCDINEbup9E8byGILw=
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1675136177.cds207.sy2.hn,1675136177.cds206.sy2.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
541 B 733ms
246ms Image
image/gif 72.247.81.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.81.161 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-81-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 Jan 2023 03:36:18 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1675136178234085-14
Expires: Tue, 31 Jan 2023 03:36:18 GMT

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=62771591.5040565361494485011.27904886
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=62771591.5040565361494485011.27904886
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=vidoomy&ssp_user_id=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-WHdeikdE2plWY9PrzM1DO5PWfKJOclY0IYT4UA--~A&expires=5&ssp=vidoomy
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed

43 B
467 B

592ms
383ms

Image
image/gif

18.195.73.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 18.195.73.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-204.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
Date: Tue, 31 Jan 2023 03:36:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58610/occ
https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-V1Z3h1dE2uFvYxSl9LS3MvrLVtk3mKyaFRnZ9FE-~A

43 B
475 B

1801ms
384ms

Image
image/gif

18.195.73.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-V1Z3h1dE2uFvYxSl9LS3MvrLVtk3mKyaFRnZ9FE-~A
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 18.195.73.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-73-204.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
content-encoding: none
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 43

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-V1Z3h1dE2uFvYxSl9LS3MvrLVtk3mKyaFRnZ9FE-~A
date: Tue, 31 Jan 2023 03:36:18 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 / Show response
polls.the-star.co.ke/polls/ Frame 3672 3 KB
1 KB 320ms
319ms Document
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ea7f54f824a6fc2544000de63c3459f6e743ab13039b5abdee715dee7ac9c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://polls.the-star.co.ke/polls/embed/poll/-NN0ChoxL-eV16Tf7f8Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 1143
content-type: text/html; charset=utf-8
date: Tue, 31 Jan 2023 03:36:12 GMT
etag: "c680b0f4aa9b3a89b609ad5437381f5a230b9d2aec5b9e002725516f86fcd529-br"
last-modified: Fri, 28 Aug 2020 13:18:13 GMT
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
x-cache-hits: 3
x-served-by: cache-fty21341-FTY
x-timer: S1675136172.397041,VS0,VE0

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.4/css/ Frame 3672 95 KB
17 KB 370ms
130ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.4/css/bootstrap.min.css

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482f6923b75a2880441f35ead0912d3abf72325e55ef230caa8a30b30f2eccdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://polls.the-star.co.ke/
Origin: https://polls.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 900
age: 28257
cdn-cachedat: 06/23/2022 03:30:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:01 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"9c4cb4ff957dc75b4ad8ea73124a9025"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c681fffc10ba105aa23612c5d936bcd5
timing-allow-origin: *
cdn-requestcountrycode: BR
cdn-status: 200
cf-ray: 791f66d86c9b1c62-AKL
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ Frame 3672 28 KB
7 KB 372ms
132ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 637, 617, 617
age: 17870571
cdn-cachedat: 2021-06-08 12:15:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ebd9cf308029cc11bdb698a5eb26aea1
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 791f66d8696ffb8c-AKL
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ Frame 3672 2 KB
993 B 824ms
278ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Monoton|Roboto

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

61014c361ca697a474f92b408a0b06f8528d0753e695361bd56b21324d591ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:36:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:13 GMT

GET
H2 404 main.6a3a9404.css
polls.the-star.co.ke/polls/static/css/ Frame 3672 0
0 330ms
328ms Stylesheet
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polls.the-star.co.ke/polls/static/css/main.6a3a9404.css

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-fty21341-FTY
strict-transport-security: max-age=31556926
content-encoding: gzip
date: Tue, 31 Jan 2023 03:36:12 GMT
last-modified: Fri, 28 Aug 2020 13:18:13 GMT
x-timer: S1675136173.728186,VS0,VE1
etag: "3bcdb91403e0461fadc21e1da419335c9f1b2a93b7b68a6f0abb4515f6365fa6"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 777
x-cache-hits: 1

GET
H2 200 main.5007b4eb.chunk.css
polls.the-star.co.ke/static/css/ Frame 3672 18 KB
1 KB 322ms
320ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f92cc7ae28eb75c3a92e8b34257912eb932dc22cc7dcabd7b29d15f6abeba4fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-fty21341-FTY
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 31 Jan 2023 03:36:12 GMT
last-modified: Fri, 28 Aug 2020 13:18:13 GMT
x-timer: S1675136173.728148,VS0,VE1
etag: "1572800ea0c6677ca838e98e397dedbad9cdeaa2400fdfe4eab81fe508685914-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1349
x-cache-hits: 1

GET
H2 404 main.af74b8b9.js
polls.the-star.co.ke/polls/static/js/ Frame 3672 0
0 326ms
325ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polls.the-star.co.ke/polls/static/js/main.af74b8b9.js

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-fty21341-FTY
strict-transport-security: max-age=31556926
content-encoding: gzip
date: Tue, 31 Jan 2023 03:36:12 GMT
last-modified: Fri, 28 Aug 2020 13:18:13 GMT
x-timer: S1675136173.728132,VS0,VE1
etag: "3bcdb91403e0461fadc21e1da419335c9f1b2a93b7b68a6f0abb4515f6365fa6"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/html; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 777
x-cache-hits: 1

GET
H2 200 2.901a5780.chunk.js Show response
polls.the-star.co.ke/static/js/ Frame 3672 745 KB
176 KB 330ms
329ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polls.the-star.co.ke/static/js/2.901a5780.chunk.js

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

47c7188d8a8c546806eda7758802d071aa67f30b16ac565f207b250b9e737a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-fty21341-FTY
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 31 Jan 2023 03:36:12 GMT
last-modified: Fri, 28 Aug 2020 13:18:13 GMT
x-timer: S1675136173.728741,VS0,VE2
etag: "6668fcadb3500b595bd692c78d7e9038b45f46be943659c3bcc75c23bc0c1567-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 179972
x-cache-hits: 1

GET
H2 200 main.9ce352c6.chunk.js Show response
polls.the-star.co.ke/static/js/ Frame 3672 29 KB
6 KB 648ms
647ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polls.the-star.co.ke/static/js/main.9ce352c6.chunk.js

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

811fbe251991b76cc7c03247f23c64fc2eb463880f2108aedfe0d04978e3a778

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/polls/?p=/embed/poll/-NN0ChoxL-eV16Tf7f8Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: cache-fty21341-FTY
strict-transport-security: max-age=31556926
content-encoding: br
date: Tue, 31 Jan 2023 03:36:12 GMT
last-modified: Fri, 28 Aug 2020 13:18:13 GMT
x-timer: S1675136173.728697,VS0,VE4
etag: "e3d599c3eb762b3205c77e92549ca5082843fd696c25d7b0cab92068e7c21a35-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5738
x-cache-hits: 1

GET
H2 200 impl.20230130-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ 728 KB
152 KB 365ms
361ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230130-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/thestarkenya/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 61d82e0ae62e9f2a7d724c3a6fa22cb30ddfc4d8f8ec91de31580c3d8ff06fa8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: 7KtBpzCZ9UBmHYvmPnPTDTmEw3m_5.hv
content-encoding: br
via: 1.1 varnish
date: Tue, 31 Jan 2023 03:36:20 GMT
x-amz-request-id: 8465H1Z39PY1GR2C
age: 26183
x-cache: HIT
content-length: 154945
x-amz-id-2: 7vud7/qId1+gTGRj1hH5XJRnsnGuuIalBuw9t3IHYClh0pfURoGbsoKTvlbbN/DxrlVlQAUBm/8=
x-served-by: cache-fty21381-FTY
last-modified: Mon, 30 Jan 2023 12:17:26 GMT
server: AmazonS3-br
x-timer: S1675136181.537958,VS0,VE3
etag: "43778d68df6d87b14b6213d7da695373"
vary: Accept-Encoding
content-type: application/javascript
abp: 18
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 33788

GET
H2 200 css
fonts.googleapis.com/ Frame 3672 1 KB
492 B 281ms
280ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,600

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

f933d1ce742005229ee6ac90b11e1c69f27dbfbd55dcc9d9b9bdffb59db24983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:33:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3672 5 KB
703 B 276ms
275ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

6da58309c2b41920290031163bc4dae426d0e70922edb00a0b2ecda99b4d3932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:57:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:13 GMT

GET
H3 200 favicon.png
www.the-star.co.ke/ Frame 3672 15 KB
15 KB 150ms
150ms Image
image/png 172.67.193.140
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.the-star.co.ke/favicon.png
Requested by: Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/polls/embed/poll/-NN0ChoxL-eV16Tf7f8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.193.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5283ced9c89d851e0a501e9bd8294ccc98c03138020be052060aea58b9ed1d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 24037
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14938
server: cloudflare
etag: "SGz6VQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y32f9G3BuVYurfYlye%2B0OP0a%2BRbdTWWH483PVwbEn2FFG4KoRfvRlCyiPmdnH6S6Xty4Png4Y%2FyZPhJuP7JeoX5kMSHYAg2AMQsC5PVqroGTBqa9Zub8ZaviAnFwsiGhBfuL3Cs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-cloud-trace-context: 0d355943274d62184e397743543efc86
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 791f66de5afaa864-SYD
expires: Tue, 31 Jan 2023 20:55:36 GMT

GET
H2 200 pollbg.jpg
radioafricagroup.github.io/the-star-scripts/ Frame 3672 175 KB
176 KB 339ms
339ms Image
image/jpeg 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://radioafricagroup.github.io/the-star-scripts/pollbg.jpg

Requested by

Host: polls.the-star.co.ke
URL: https://polls.the-star.co.ke/static/css/main.5007b4eb.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-153.github.com

Software

GitHub.com /

Resource Hash

5eb9168c31d8e279a529edcb5463777d6e58a1d08fe28f070395499b6237d8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://polls.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-fastly-request-id: e1e6ea990480191fd899ce1d24515ea279cb17bb
strict-transport-security: max-age=31556952
date: Tue, 31 Jan 2023 03:36:13 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 179449
x-served-by: cache-fty21325-FTY
last-modified: Thu, 10 Dec 2020 17:48:41 GMT
server: GitHub.com
x-github-request-id: 4158:7D74:149482:1AD322:63D86DD9
x-timer: S1675136174.909981,VS0,VE20
etag: "5fd25f79-2bcf9"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 31 Jan 2023 01:34:41 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ Frame 3672 12 KB
12 KB 821ms
273ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Titillium+Web:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://polls.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 12:59:04 GMT
x-content-type-options: nosniff
age: 139030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 12:59:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3672 15 KB
15 KB 872ms
325ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Monoton|Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://polls.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 21:09:32 GMT
x-content-type-options: nosniff
age: 282402
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 21:09:32 GMT

GET
H2 200 1675097278R0ajeLwlFE36LPPp46nk9S5ZoQcgsr1.jpg
cdn.mgazeti.com/image_uploads/ 355 KB
356 KB 781ms
152ms Image
image/jpeg 104.21.45.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.mgazeti.com/image_uploads/1675097278R0ajeLwlFE36LPPp46nk9S5ZoQcgsr1.jpg

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.45.196 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae3dc8d820ce46369cc82df85d40702ffc4d7945f6bf78a1efaad34b5888ee7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:14 GMT
x-amz-version-id: ms2x9kS0MHgCDv90Kx9TnK69vfp1omiL
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 3536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 363634
cf-bgj: h2pri
last-modified: Mon, 30 Jan 2023 16:48:04 GMT
server: cloudflare
etag: "f01041c544ee2c025af569af3da552e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUfxVOIxZI2cwM8XNsLpoa7F1eqH9xGLrWaHPehgeBLiuzwbuU5debWKeqPrNzgHtXhnUxsyKg9yXvj2M0cqjpSnlEgA6ELXUlSqWJ7S%2B64wLbUd%2B56KqFv0Un347wtBB5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 791f66e268f6a87a-SYD

GET
H2 200 integrator.js Show response
adservice.google.co.nz/adsid/ 107 B
531 B 821ms
274ms Script
application/javascript 172.253.118.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.nz/adsid/integrator.js?domain=www.the-star.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 822ms
274ms Script
application/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.the-star.co.ke

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 613 KB
86 KB 1199ms
1199ms XHR
text/plain 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2401235701464617&correlator=3078151963451731&eid=44761477%2C31071579&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fifs&iu_parts=18440288%2Cthe_star%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%2C1x1%2C970x250%7C970x90%7C728x90%2C300x250%7C300x300%7C336x280%7C300x300%2C320x50%7C970x250%7C970x90%7C728x90%2C300x250%7C300x300%7C336x280%7C300x300%2C320x50%7C970x250%7C970x90%7C728x90%2C300x600%7C300x250%7C300x300%7C336x280%7C160x600%7C120x600%2C300x250%7C300x300%7C336x280%7C300x300%2C300x250%7C300x300%7C336x280%7C300x300%2C300x600%7C300x250%7C300x300%7C336x280%2C320x50%7C970x250%7C970x90%7C728x90%2C320x50%7C970x250%7C970x90%7C728x90%2C1x1&fluid=0%2C0%2C0%2C0%2Cheight%2C0%2Cheight%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2C0&ifi=1&adks=770888038%2C888578440%2C2661969585%2C3408720554%2C3949682522%2C3408720553%2C3949682525%2C4051558172%2C3408720559%2C3408720558%2C3580882737%2C3949682524%2C3949682527%2C3925170996&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&prev_scp=Pos%3DSticky%7CPos%3DSkin%7CPos%3DMain-Leaderboard%7CPos%3DRHSMPU1%7CPos%3DLeaderboard1%7CPos%3DRHSMPU2%7CPos%3DLeaderboard2%7CPos%3DRHSMPU3%7CPos%3DRHSMPU4%7CPos%3DRHSMPU5%7CPos%3DVideoMPU%7CPos%3DLeaderboard3%7CPos%3DLeaderboard4%7C&sc=1&cookie_enabled=1&abxe=1&dt=1675136176396&lmt=1675136176&dlt=1675136170787&idt=5547&adxs=315%2C0%2C315%2C1135%2C315%2C1135%2C315%2C1103%2C1135%2C1077%2C1135%2C315%2C315%2C-9&adys=1305%2C8565%2C139%2C226%2C1478%2C1088%2C3350%2C3708%2C6141%2C8149%2C6528%2C5477%2C7982%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C0%7C0%7C3%7C0%7C4%7C5%7C6%7C7%7C8%7C9%7C10%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.the-star.co.ke%2F&frm=20&vis=1&psz=1600x-1%7C1600x9057%7C970x37%7C320x787%7C970x37%7C320x355%7C970x37%7C373x1014%7C320x326%7C426x37%7C320x650%7C970x37%7C970x37%7C0x-1&msz=1590x-1%7C1600x0%7C970x37%7C290x37%7C970x37%7C290x37%7C970x37%7C343x37%7C290x37%7C396x37%7C290x37%7C970x37%7C970x37%7C0x-1&fws=516%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C2&ohw=1600%2C1600%2C970%2C1600%2C970%2C1280%2C970%2C1600%2C1600%2C1280%2C1600%2C970%2C970%2C0&ga_vid=1629641582.1675136176&ga_sid=1675136176&ga_hid=1279818921&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

cb5e05871efbbce1befcb890c6b518e22456dd23fb0a40b84fbc80a3b939ecbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87621
x-xss-protection: 0
google-lineitem-id: 5563197487,-2,6213042463,-1,5563197487,5844018634,5563197487,-1,5563197487,5678496158,5563197487,5563197487,5563197487,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373367623,-2,138421207095,-1,138373367791,138372971859,138372897899,-1,138373367743,138347693628,138373367761,138334352635,138333977505,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F5B8 6 KB
3 KB 841ms
274ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.the-star.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:17 GMT
expires: Wed, 31 Jan 2024 03:36:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023012601.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 275ms
272ms Script
text/javascript 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023012601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

sffe /

Resource Hash

b429a2cc9ff16c152674cf66e0fc48e5e356fd8e9ef154c31e5cdf890c51238a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 02:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13740
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 09:36:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 27 Jan 2024 02:57:36 GMT

GET ht.json
tt.onthe.io/xyfkqvVtTBnP/ 0
0

GET
H2 200 player_api Show response
www.youtube.com/ 992 B
2 KB 877ms
329ms Script
text/javascript 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/build/chunks/base/app/entry/entry.shell.js~publication/base/widget/dialog/oovvuu-edit-dialog-index-js.bcd5bd60fc73d07e7502.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 31 Jan 2023 03:36:21 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 642ms
320ms Script
application/x-javascript 157.240.15.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b3c055335cede70de3445503dff16a6c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.15.13 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-sin6.fbcdn.net

Software

Resource Hash

389d786384db1111182af45134e6aed907f6a6582262be67d128c8f28bc88d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.the-star.co.ke/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 31 Jan 2023 03:36:20 GMT
content-md5: 7ke8SrMjsiB9434Jr+kYUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86971
x-fb-rlafr: 0
x-fb-debug: tkfiEwXjtv1ZZ4IoLIA05kUlQ1CP7hW6rKhfduqG+oh1/hiuCrP/evA9v0ECdW3ba+5nenMl0aVdT8LD7uqZ9g==
x-fb-content-md5: c56143dac071a6c8548a4cf67e39bbcf
cross-origin-opener-policy: same-origin-allow-popups
etag: "c88bb81767975cd584d64394d2864c27"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 31 Jan 2024 02:11:16 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 1088ms
335ms Image
image/gif 3.232.171.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2240579796&u=1685113199417527&v=5945422048486440&s=6714582131408909&b=web&tv=4.0&z=0&h=%2F&d=www.the-star.co.ke&t=The%20Star&ts=1675136176533&st=1675136176538

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.171.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-171-121.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 tag Show response
a.teads.tv/page/74198/ 655 B
763 B 1029ms
315ms Script
application/javascript 184.25.221.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/74198/tag
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9TCTMC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.221.62 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-221-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9123e69ec42adf7e8de45494f948394ccce0565f0b032b0c013776a15c5a6c37

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 422
expires: Tue, 31 Jan 2023 04:36:21 GMT

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/cdn.aimtell.com/trackpush/ 47 KB
13 KB 1035ms
358ms Script
text/javascript 52.216.132.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.132.133 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 06fd2a61dce61487dc324f208fdf13c255b8b1d2c6969c27609bde27488f0fa3

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 03:36:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 16:52:26 GMT
Server: AmazonS3
x-amz-request-id: JVS06P7JN699DF72
ETag: "863356224a730b55b977b4f902cbcd90"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 13250
x-amz-id-2: icabFou+dYHFEU97NFpWhdmNxc5VEiczcSazs5G2XNdGQW0UsZF6Cvt+KM0beHvnvXJdMhK9g7o=

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/8fbc81b34949e649b39db10f686d6fd2/ 2 KB
2 KB 1094ms
609ms Script
application/javascript 139.99.68.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.survicate.com/workspaces/8fbc81b34949e649b39db10f686d6fd2/web_surveys.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.99.68.6 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ns564141.ip-139-99-68.net

Software

BunnyCDN-SG21-965 /

Resource Hash

cd1b93d52347be83cea77b6ebc07f5b157d5ba47da07fb0bb48b683c49eadf26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
x-amz-version-id: UE71e2N0kTYtTRQTOvxgtt0lylozzjK5
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cdn-edgestorageid: 640
x-amz-request-id: JVS7KN3DQ9MG7D86
cdn-cachedat: 01/31/2023 03:36:22
cdn-pullzone: 1158558
x-amz-id-2: sDPVgmYiejfewSX1yqhZbRJAclcxMy8gWCZ+Y5ydx+RD3BuoSxnie/FbrVkALy317gFumXI4C1w=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 31 Jan 2023 00:34:54 GMT
server: BunnyCDN-SG21-965
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"2362ca49cb97f084a0b98fcc2d0b9f36"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: EXPIRED
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=300
cdn-requestid: 698b5f8eca5f9653b0f70318a8af96ff
cdn-requestcountrycode: NZ
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 404 5544cb60-01b8-4c6b-bd43-11fbac705245.js
the-star.containers.piwik.pro/ 0
0 1178ms
396ms Script
text/plain 20.79.102.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://the-star.containers.piwik.pro/5544cb60-01b8-4c6b-bd43-11fbac705245.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.79.102.66 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
referrer-policy: origin
x-robots-tag: none
content-length: 0
x-frame-options: sameorigin

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
78 KB 280ms
279ms Script
application/javascript 74.125.24.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YVV0QW5VF1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9TCTMC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

08d4c2c759332758f93626fc0ee1627a48701211d6bffcd9e85229ef24222b26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79780
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 31 Jan 2023 03:36:21 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
247 B 824ms
275ms Ping
text/plain 74.125.130.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-YVV0QW5VF1&gtm=2oe1p0&_p=1279818921&_gaz=1&cid=1629641582.1675136176&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675136176&sct=1&seg=0&dl=https%3A%2F%2Fwww.the-star.co.ke%2F&dt=The%20Star&en=page_view&_fv=2&_ss=2&_c=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVV0QW5VF1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.130.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sb-in-f138.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.the-star.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 822ms
274ms Ping
text/plain 64.233.170.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YVV0QW5VF1&cid=1629641582.1675136176&gtm=2oe1p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVV0QW5VF1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f154.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.the-star.co.ke
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.nz/ads/ 42 B
408 B 828ms
279ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YVV0QW5VF1&cid=1629641582.1675136176&gtm=2oe1p0&aip=1&z=276967885

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 780A 0
0 353ms
352ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLRgEr_cN5i-V1Hk0mlgxduJQlwsp8A-Pov5NBghQzClsgmVRBjXfsvm4fpSPeK0mEv_5vNuJ31AzEwF2iGHqUcTy6ZnMtxuSsd3i9yTOCqHGSHsr89iJtJv5sg4Ng6uIFvfKb1LExuiBOKZIk18BYUb2tx9Wq5MQrB6nBZuRW4qjFOA63GCCM3IgxD6JC_6kKzpD7C06h-5KdY0qxNZ5LKv6zQHldxP2Rdb0SLRqwYbsSP_4noNWKeOLoJdtowkVVe0GhFdSh5Ur7MD8TnWXn5URr8oNqsXTJuH2WvFOoKbKxhCrlyqP3A5nM8XtQlupHDw&sai=AMfl-YTi4-8crV8sAycf58buUqZ2rQ4nO3ETj3UP7SokN1L0wQJ-mH827uyv5wYBSobsW5MAi-zFhFofZM8JoBYlEGfjMSZOIAoN6iaZQDs3rH8dU7cEXzOxJX-s-hpxvzRWza35Ss0O2DzXpdg_rMjPIok&sig=Cg0ArKJSzHrFr9V7B9trEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 780A 3 KB
1 KB 277ms
269ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 17:43:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 780A 157 KB
48 KB 1225ms
678ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:18 GMT

GET
H2 200 6023383099905347500
tpc.googlesyndication.com/simgad/ Frame 780A 22 KB
23 KB 827ms
279ms Image
image/jpeg 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6023383099905347500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

9938e0ab84ebc4c9b2416aea14ea8dcd1fed69c28dedea2a46c4af980f0f3164

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 15:59:05 GMT
x-content-type-options: nosniff
age: 41833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22898
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 08:46:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Jan 2024 15:59:05 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEF9 0
0 337ms
337ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwcCyGAVYC8qohofqE92J-I8FVn-zQB2bLuXPsMGKCUO5qrtzuyUdc9qG198YoX1E14NpM_bonVDrrFsorMTYB0_eFHAAGw46E-RgU1mOgW_sZe6XZuV9IB22tXlvLNH3pN_31g2pRszy9-BKdteGo9HelC1P0yCkLJrcw3U7rJA6U25BJtpmQcDKlr-0bCpk8ZslWFwlQuA4WVE8kbmo0i7IlJjtCJW9MN_enrkmQnd0qzhDv3ANB4CmCAwKMut_9HZvO4iT1souCVe7gnKsDrWQMea_L995XFU82Wim4E97OEYTbjI1GpRW_0uA0tCe6HKTbaw&sai=AMfl-YRouGPvUGHHjUsbm79FVt3MB_Fk8_fIMD4GDbHkNwKdZNtpeXhFRddUdyzMaA7nj5f4XlYWdUc5tcHpJu58AA14iQOs1FLyAF1UwM-1sWDrh6IHM-YKx5PZmhP2Wau-2-5LeJYuBq6j-_i7iAFnyes&sig=Cg0ArKJSzI1fknbuLIC1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame DEF9 3 KB
1 KB 273ms
273ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 17:43:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEF9 157 KB
48 KB 806ms
274ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:18 GMT

GET
H2 200 590228165360290347
tpc.googlesyndication.com/simgad/ Frame DEF9 248 KB
248 KB 1307ms
759ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/590228165360290347

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

5682873135c515d231edb79e550c7cc85858a5b1d41ee3d7fda026e137db378c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253692
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 15:09:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 03:36:18 GMT

GET
DATA 200
OK truncated
/ Frame 780A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d2c29a5843a7d2faeeeb95ae5d3556b80b19aa022022d58289d120c54e02d94

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DEF9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ad256bc6da9828dff420619fcee684af37f4f8ead71ab7f0ecfb8c736d7488c

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAA7 0
0 288ms
287ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRfzQiwbfPHGrwljxX_E1QeN2wPwVVgwWLet9ac4tvpl2RGpSWsLLwqyeBaoBqTllOBn5aiSilYVzF66QWM6lpnes_uaD4B0bcCrev_p2rY2fFeinDMrHuZwZlYVbA45BcaTsDBt7bHCIWRRl2Xhoear5J-sp0OAKQux9JATmGcSJ39QMHhzs9KdkYHrUfqUWKqDrZUNkg7qsAxbe0D-rCRR4-ThxLU0RX-WWACIJmaJo3Dq6BXmlfUDDFyj7TWpBo8UWCvuqL2803eheCVRwZewbFsR_4YT74kBUV3bWm0D03ndl1S1XLJCJYeQjX8NIoKA&sai=AMfl-YQdgXt0gU8k6bPHPytLnWLHDxCTcuiKxOOjjiwvihK6zE2r1nin4xcZBRRc5GnkZ9zrIQjooMbyxp90HmHZJUOw-YHCxFzTppaoaXilorhgqKQbQ3UUtxjxvAVtQFdR22dZWO2aNybFR_W2qL4DaIw&sig=Cg0ArKJSzMf00tZnq-KVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame CAA7 3 KB
1 KB 273ms
273ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 17:43:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAA7 157 KB
48 KB 1327ms
847ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:18 GMT

GET
H2 200 9282447125731457668
tpc.googlesyndication.com/simgad/ Frame CAA7 17 KB
17 KB 1141ms
669ms Image
image/jpeg 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9282447125731457668

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

42a4b0c88b2358f7302c4732a0fdd55b7bd7622d7bcf32bc250e9469963fe4ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 14:49:08 GMT
x-content-type-options: nosniff
age: 132430
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17475
x-xss-protection: 0
last-modified: Sun, 13 Dec 2020 08:46:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jan 2024 14:49:08 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012301181928000/ Frame 1A2A 221 KB
61 KB 820ms
273ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 18:04:37 GMT
age: 34301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61734
x-xss-protection: 0
server: sffe
etag: "5b4f5406239652c8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Jan 2024 18:04:37 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1A2A 15 KB
5 KB 284ms
283ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 18:04:37 GMT
age: 34304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "47662644ea8653a3"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Jan 2024 18:04:37 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1A2A 94 KB
28 KB 281ms
273ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 18:04:37 GMT
age: 34305
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28817
x-xss-protection: 0
server: sffe
etag: "6eb387830c268337"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Jan 2024 18:04:37 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1A2A 5 KB
2 KB 273ms
273ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 18:04:38 GMT
age: 34304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1914
x-xss-protection: 0
server: sffe
etag: "f13d3e1d36b26a3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Jan 2024 18:04:38 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012301181928000/v0/ Frame 1A2A 40 KB
13 KB 273ms
273ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 18:04:38 GMT
age: 34304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12960
x-xss-protection: 0
server: sffe
etag: "f74ebce85e2cb18a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 30 Jan 2024 18:04:38 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1A2A 6 KB
672 B 278ms
278ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:35:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:17 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1A2A 3 KB
3 KB 734ms
273ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:34:47 GMT
x-content-type-options: nosniff
server: cafe
age: 91
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Wed, 01 Feb 2023 03:34:47 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1A2A 344 B
449 B 736ms
276ms Image
image/png 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 18:23:40 GMT
x-content-type-options: nosniff
server: cafe
age: 33158
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Tue, 31 Jan 2023 18:23:40 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1A2A 0
0 333ms
331ms Image
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CGLoYsIzYY_6KJZiXmsMPoZWH0APMzriNavHGvvaVDtzZHhABIID6vy1gq-yxheAYoAHUm_mfA8gBCakC3UvFEHn-Cz7gAgCoAwHIAwqqBJoCT9DarTjMOVGFi1X192LyS0k4Cusu93vmOLyHge6mu2ZpBValNj3zIg4jlNprWE-Q8QNbJ4b-DmIWGqq7_4rbaGhm5WUimcjs3Ck_Z-2hJi8PVZwHApSrZ7avDG7fq_a_OHsImdZw6L_CIvWhzju5OfId3ZywyuFXYkc8aj9lt9WIIsuihYwCAKr0wjTyfVw1nVC9DbcWKRqMQ8CO7WcS9KwOKSMd39qGv8FOpnHprmGNHhRjUey6ba9cBOEMDNTtCSBCix7ljiKR3ojpAIwxkmqeGpgTI7QQK6CCFdDgzJ7iEEXqZapGjKpC7BDdypgs4x1WkeTSl7p4xZFGFwT0NUO-e-ftUyjLVc6vwVyleZAJiyWmJNJqetl9wAS4-6TGqALgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHlOSGYKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENibCdIIDwiAYRABGB0yAooCOgKAQIAKA8gLAbgT5APYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjkyNjk5MjczNjU5ODYwNBiw1RQ&sigh=xg4A5Sxqebs&uach_m=[UACH]&cid=CAQSTADUE5ymks5ggp7SY8PjRSLnHFBXi6wuVoLcNJLzNHagpE_MmV6UOOkiHKjeMh9RXupjHL5Ryh453QEAnh6xrb1nUBFrWLrPTKmqTqYYASAT&template_id=484
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f157.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D25 0
0 321ms
320ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfxrGIQMoBmSyXpKdm8len6Jot-B8qfDjckGA4a-hL530YzLw0TK0ITM6rnTOPLkf0okWzs4wG4Dd_veimoxu-Ao1Yhjbi8DfCj5Fb6KqC3SM5IpDrlKuFyZDJo5CidgXANc1u55WMd1SsIvedTsnttzJ-VKIVh43gggRFKay-4t8Slk7lx28t6zTaMwAt_8ZojfOBWTFoIObzcs795Gv3vlDVRuPFXtWdZe4ok45NZc3J5wEmEd2W8NHdapda9pmGrHdNmc-pLRZw3zpb7DZ6vOtinCzDgjWrqgckvqFk91p1vqt4ejefiuqQeVfv2IysxQ&sai=AMfl-YQ2nGnuAfMe7pDJ032dNqTOA9LvMyLL4yi47w4qYLggKPPIrCF83f3aOXojwTC0WnzfMnIv5TsJNARIYktpG-zitXYipwHO3o0i2NXqK6a8_1MVAi4v0mfKA7BFINI7sRoGo6HZYAVDQDKLh7CCvEA&sig=Cg0ArKJSzNYkQQ2rqg7AEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 2D25 3 KB
1 KB 273ms
273ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 17:43:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D25 157 KB
48 KB 1467ms
1012ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:18 GMT

GET
H2 200 3396173914488744306
tpc.googlesyndication.com/simgad/ Frame 2D25 35 KB
35 KB 1808ms
1347ms Image
image/jpeg 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3396173914488744306

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

6518833c2ff5ffab8c3a93dfe998fb52180d0e8752920266a83c015b21c1c2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35776
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:15:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 03:36:18 GMT

GET
DATA 200
OK truncated
/ Frame CAA7 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b7b716e66204a82bf998f3dbc562e1c6ec67f8568f7e54fc9842731b0f786a2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6541265457878289611/ Frame 1A2A 17 KB
17 KB 1041ms
580ms Image
image/jpeg 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6541265457878289611/14763004658117789537?w=400&h=209

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

a3c5ee454e248c42fbfe28703a9abeb0cc90cb87153d267c415734e5fd968b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:22:08 GMT
x-content-type-options: nosniff
age: 850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17494
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 11:38:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 03:22:08 GMT

GET
DATA 200
OK truncated
/ Frame 1A2A 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1A2A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 017bcc442fc60bcf793bb10358ec4f0d63f7ea22e96e62ddd88a348efa042200

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2D25 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b42e9bbbb879bb888234ae4b0afd186eea1c20e0991920c3a9e722dfccdd3b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 142B 4 KB
2 KB 144ms
144ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 31 Jan 2023 03:36:18 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1675136178.cds207.sy2.hn,1675136178.cds020.sy2.c
x-sp-metadata: HS256.CMK14p4GEogBCiQzNTQ5MzY5MC01MTIzLTRiNmItYjhhMi1iZjhmODNlYmVjMWEQ4LuY6t7p/AIaBgiymeKeBiINMTE2LjkwLjc0LjE5NyiS2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGI4MDFiMDAwLTI2MTktNGUxMC1iYzdiLTY4MjE5ODhmZGZjNxjaDiIYCAISFGNkczAyMC5zeTIuaHdjZG4ubmV0.f7r/08GoYBgFx9A8YcB2hbVsB5k1elWcmw6O0LG1fgs=

GET
H2 200 ad Show response
v.lkqd.net/ Frame C3A8 2 KB
2 KB 1106ms
353ms XHR
application/xml 146.20.128.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&rnd=39619003&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ecc376f6f63c910c21f2a1a9ea86a59c845afbd8f18718fcafb842ac392032b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1414

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A2A 15 KB
16 KB 276ms
273ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 04:09:51 GMT
x-content-type-options: nosniff
age: 343587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 04:09:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1A2A 15 KB
15 KB 327ms
325ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:06:14 GMT
x-content-type-options: nosniff
age: 131404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 15:06:14 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame B906 4 KB
2 KB 157ms
145ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 31 Jan 2023 03:36:18 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1675136178.cds207.sy2.hn,1675136178.cds020.sy2.c
x-sp-metadata: HS256.CMK14p4GEogBCiQxNGI0YzI1NC1jNGJkLTQ3MmItYjg1Mi1lYzI2NDlkYWZlZmEQ4LuY6t7p/AIaBgiymeKeBiINMTE2LjkwLjc0LjE5NyiS2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJGY5ZmQ2ODRkLWMyMWYtNDBhNy1hN2MyLWQ5NzI0YjI0MTQ4MhjaDiIYCAISFGNkczAyMC5zeTIuaHdjZG4ubmV0.0QgLosoF126O9/+4rrP70n4yaM4nKMcEBdZ1khHBxaQ=

GET
H2 200 ad Show response
v.lkqd.net/ Frame B26F 180 B
493 B 980ms
337ms XHR
application/xml 146.20.128.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1169235&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&rnd=18896239&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:18 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H2

200

cs
cs.lkqd.net/ Frame 142B
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b330ed9f-50e7-4b41-a9f6-bbf499f738e4

43 B
402 B

340ms
340ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b330ed9f-50e7-4b41-a9f6-bbf499f738e4
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b330ed9f-50e7-4b41-a9f6-bbf499f738e4
date: Tue, 31 Jan 2023 03:36:19 GMT
server: _
content-length: 0

GET
H2

200

lkqd
event.clientgear.com/cookie/ Frame 142B
Redirect Chain

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Q5ltcmy75vA

0
106 B

1160ms
333ms

Image
text/plain

47.252.78.131
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Q5ltcmy75vA
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=Q5ltcmy75vA
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET

cd607442bfdf172cfcec45014a5f4ece.gif
cs.krushmedia.com/ Frame 142B
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=lPAv2QEw2zo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D

0
0

GET
H2

200

cs
cs.lkqd.net/ Frame 142B
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2537700921132714778

43 B
526 B

340ms
339ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2537700921132714778
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2537700921132714778
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 142B
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Vupd6VjcSsdIUm7MYzPc7nRaSsU

43 B
398 B

334ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Vupd6VjcSsdIUm7MYzPc7nRaSsU
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Vupd6VjcSsdIUm7MYzPc7nRaSsU
Date: Tue, 31 Jan 2023 03:36:19 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame B906
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d23b58aa-347e-4b12-add3-4f322c0a9f37

43 B
402 B

342ms
341ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d23b58aa-347e-4b12-add3-4f322c0a9f37
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d23b58aa-347e-4b12-add3-4f322c0a9f37
date: Tue, 31 Jan 2023 03:36:19 GMT
server: _
content-length: 0

GET
H2

200

lkqd
event.clientgear.com/cookie/ Frame B906
Redirect Chain

https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=MzMKBWmmScU

0
105 B

1149ms
334ms

Image
text/plain

47.252.78.131
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=MzMKBWmmScU
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 47.252.78.131 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:20 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=MzMKBWmmScU
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET

cd607442bfdf172cfcec45014a5f4ece.gif
cs.krushmedia.com/ Frame B906
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=rU6QyD6aLFo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D

0
0

GET
H2

200

cs
cs.lkqd.net/ Frame B906
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2465643327094786842

43 B
526 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2465643327094786842
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2465643327094786842
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:18 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame B906
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s5_ldl2_QNlUf1gD-IKTmnRaSsU

43 B
397 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s5_ldl2_QNlUf1gD-IKTmnRaSsU
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=s5_ldl2_QNlUf1gD-IKTmnRaSsU
Date: Tue, 31 Jan 2023 03:36:19 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 1254ms
335ms Preflight
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:20 GMT
server: nginx

POST t
t.lkqd.net/ Frame 2C77 0
0

POST
H2 200 t Show response
t.lkqd.net/ Frame 155D 0
166 B 337ms
333ms XHR
text/plain 146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.the-star.co.ke
date: Tue, 31 Jan 2023 03:36:20 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 1233ms
332ms Preflight
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:20 GMT
server: nginx

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 2E7C 230 KB
61 KB 143ms
143ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
content-encoding: gzip
x-sp-metadata: HS256.CMa14p4GEogBCiQ0MWM0Y2Q1Ni01ZjAzLTQ5MGEtYTg2OC1hNWZmNmM3YzMyZmYQ4LuY6t7p/AIaBgi2meKeBiINMTE2LjkwLjc0LjE5NyiS2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGNhNzFhMzc1LWU3MDItNDcyYi1iNzQxLTBiMGE3N2QxZTQ1YRjF5AMiGAgCEhRjZHMyMDUuc3kyLmh3Y2RuLm5ldA==.CaumQil9o2lmTBcKZEJimcOiBJNyR8TvO19nnvdMLWg=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1675136182.cds207.sy2.hn,1675136182.cds205.sy2.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAA7 0
0 326ms
325ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4hOL-UdomcgRf-lBLFsiUg3lQ92PxSOQIzYQiYrBJ2JlDWvCerhuYJEdQWd00SkXWQ50Lug9kFhzsX7cNhCa6OQtPtvdzUKolCan3ZpVIk6OraLvyKeKsXcBGJvrP8f9R31Y5Jxuisuq0jxSFbNxZUSMonQYYWBeHkrEHD34FHu6Cv9ntVrOI6BLMg0V3MEsOKzQ1IbtTfP4EEnvSpItapd_LICJ_zem7hjvPxOIMXJsPc10NguOOVgq05tvNoaUYU5r90Hvz4ln_vCjMcca6eQ7Lcr-IwkQntow8MCSzMAlltzo_BrAcTQdh5SYG5Kq5vPPZ&sai=AMfl-YSDuNTcJ26PXc68rXE-LTiAFFPB2FdRt9kmSIzUB87yo0227kXWIn8KxgoDn4CU1qzG_y0UWwQ3oTbLRD-GMVfP0LkbwVim6cMqWYnKDmlsDY-WmNfrpODoFa-DRkA6OLeIjm4nO1-rO5ZRIjU1mWw&sig=Cg0ArKJSzMGc8urdRcHKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 780A 0
0 326ms
325ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0Z0iMVbKeb6JlS6ZTWU2uVqoQPmJc4qqIGzKG_Nt1PhGzoWIk7f6i4NoAs5BX3kmy3LKrxrgNZ27f90kLUjyKGzZoIpDra_jxEe7wiYwgOdjDyRqeMNlSz1mJ_26MAyV5eHRwah5qjpk0IW3eDw0kkavstUt0c2aIDW2_TCVMD_pVfJiPXtAyYO43Tv8B77wnr_pk-WXYDhzB498tZf9tLNRdgvMs76Eow0tbCVDyvIpnyAU45wmgh2hprKXBLqqxFrZ5irCsudj9NcXn6z5Ou3MJehGbcb1OsKPr6zlmdLqlclfxghYjvbQt9ABkGb9JPdYw&sai=AMfl-YQlKFDUafjwq66dZdLmIQY7KIyXyT7h-SuLfYaYY9G5kzsVH1uPQxrpesxJbHba4HG2dQA2fVvbk3NX8atNMZPmgLWEsAVysDqyVhoHQUybs0X34chIRvtyT4qnflvLEQox4qZnW-mtZbw-WSwKF8U&sig=Cg0ArKJSzKdJ2CpYB3C_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DEF9 0
0 325ms
325ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDGX90gJMDFsFMnIWF4vYonZkCm9d4nLVm-bpWARgScPhv-fcHBqZqXMphcfrKGfelSey_ROq1ZQ6MDBT-ayIir3XjKBwB1F_ZmKLAwwGOqWBhmiecYTZx9mDkpqpplDtilAodW7rJfNlyOIq_P5_D0PC1ZK29G8e2vgbrucfd1A8-ccJ1yvgqGaQef0D5Ocn-zpLfWNB5wREwtHzEeIArDRMq_yXuZ1oXriNup9-YZNaOwFPKmrbcKrEPpJK_-gykFaNHFfNNUw0LOGeczQ1Fu79ERykDIbCXqpz_sNnpUuIHGClSU7xpFLVOzHDz_lDgDlkuQX98&sai=AMfl-YSYb7sH-K30GSOY4BP6_dOiEdsl6eudx4vz7QwTp5lZchg2cPnKY4Gb-jwwV_eVpW61OWRNf8rKLhNR8Nj4ibuOqxtB0vtY514vwjw8h4TLwC1m-uThdHj0sFFEjSQaoB-ofFLzLR-T9urnnVoFO1M&sig=Cg0ArKJSzPNo0onDK2XIEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2D25 0
0 320ms
320ms Fetch
image/gif 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstP8bXoAgapvah5ipH-hXs57N7Z7nk7jgUfEHHfZgUJmVc-qGQtNgEIepffcAcBs44WhXYJXmZMrIDDhQUM-ASJGxr88Kntve9eLOfryelsOVXFupwR77C0z9mp9l3Dq6TDZtnyjjdWO9uVDFIBhtioZEJo6yk0fXGJ52hJsd_end8AvBI9D0sceXWi-IqrKRHQvZmEBCu6CA85WCH22XH2nSml-V3ajLwOK1vsK0bZFUm1IbCep2E0MjkAvotnbWGU2WJUD2fHOUx9MzPFD8Fz4XaUd33W0178FAA_9QL5_J2Besujaz3XgXqtF0-h3Ga_b0fj&sai=AMfl-YRB1H_j98y1HAJBpQxlJNquY_CVwQT2BTKTZB0JDxsHihJsDxrd5q50t_xd5MNzwbB-EFFR73DIfuTozxYleizFREd02hNLZe6ClUjVtk5wvLv5QsG_4kvhw0xL9IqFfMW-moYJtBS2H1M8FIKDLI0&sig=Cg0ArKJSzPBSOh6ls6cYEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 03:36:19 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DEF9 42 B
404 B 875ms
315ms Fetch
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstk_1rC8MXgEzAP7w3GB5clE_gvEqRvpeYnB0HO4ETlVnKw8r56p3nMIwW45WvQQPzQqah3QQr2g4mykSZZ1l5yORvmSRguPvInXQ01-1dtpesik2Sk&sig=Cg0ArKJSzFBkYEeShBk5EAE&id=lidar2&mcvt=1000&p=139,315,389,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230130&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2661969585&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675136177702&rpt=1910&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC41 6 KB
3 KB 278ms
273ms Document
text/html 172.253.118.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.the-star.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:17 GMT
expires: Wed, 31 Jan 2024 03:36:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame CC41 4 KB
636 B 278ms
276ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
URL: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:37:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0B8C 8 KB
895 B 275ms
275ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:34:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:21 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 0B8C 2 KB
912 B 273ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 12:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 12:38:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 0B8C 22 KB
9 KB 272ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 23:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 23:53:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 0B8C 3 KB
1 KB 273ms
272ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35544
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 17:43:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 0B8C 18 KB
7 KB 276ms
275ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 12:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 12:01:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B8C 157 KB
48 KB 274ms
273ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:21 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 0B8C 33 KB
14 KB 824ms
275ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 12:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 12:52:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/elements/html/ Frame CC41 19 KB
8 KB 275ms
274ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
URL: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

962b5a0b1058fb793fa137b948d5751e208b016bd67b27f886ba1b888e3ef9c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 00:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8248
x-xss-protection: 0
server: cafe
etag: 14490807653988091183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Feb 2023 00:57:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CC41 205 B
296 B 889ms
342ms Image
image/png 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
URL: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:16:02 GMT
x-content-type-options: nosniff
age: 152419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 29 Jan 2024 09:16:02 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame CC41 604 B
920 B 875ms
329ms Image
image/png 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
URL: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 12:40:55 GMT
x-content-type-options: nosniff
age: 399326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 26 Jan 2024 12:40:55 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 713ms
236ms Script
text/javascript 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230130-10-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 745729
expires: 60

GET
H2 204 debug
trc-events.taboola.com/thestarkenya/log/2/ 0
91 B 719ms
234ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/thestarkenya/log/2/debug?tim=03%3A36%3A21.223&type=usage&msg=rtus&llvl=2&id=3633&cv=20230130-10-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 233482

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
62 KB 274ms
273ms Script
text/javascript 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:04:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153122
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 09:04:20 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EB7 143 B
247 B 273ms
271ms Document
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
URL: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

age: 2225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 02:59:16 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0EB7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

277ms
273ms

Document
text/html

142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
URL: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:22 GMT
expires: Tue, 31 Jan 2023 03:36:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 594 KB
130 KB 239ms
235ms Script
text/javascript 184.25.221.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/74198/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.221.62 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-221-62.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d760a1c030bc93aba8a45faa1304017336021aa8ec2a46cc256f96b06583b84c

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: br
last-modified: Mon, 30 Jan 2023 12:48:55 GMT
x-amz-request-id: V3E8RN7GJF0MR7PY
etag: "c8616864e1f8b4d5a0b36af2246bce0b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: f
accept-ranges: bytes
content-length: 132675
x-amz-id-2: bfD+mnbEH/si171fs3l9caqaQ8rEMFJzL+YhC27GJOTpI3mrUfryzj/Xg4dSVtAdLy6v3z5rnPo=
expires: Tue, 31 Jan 2023 04:06:23 GMT

GET
H2 200 fonts.css
surveys-static.survicate.com/fonts/ 10 KB
2 KB 319ms
236ms Stylesheet
text/css 139.99.68.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys-static.survicate.com/fonts/fonts.css

Requested by

Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/8fbc81b34949e649b39db10f686d6fd2/web_surveys.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.99.68.6 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ns564141.ip-139-99-68.net

Software

BunnyCDN-SG21-965 /

Resource Hash

bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
cdn-edgestorageid: 639
x-amz-request-id: 5KY1H4XNQKC7DHTG
cdn-cachedat: 01/24/2023 13:49:29
cdn-pullzone: 1133799
x-amz-id-2: F/DD6AJmIyDwUEQEiCxKi0YLGLTGm0noSEL/2Y093qO1B6TnIzsRYbLiBaj9KdWT5PZq3G003oQ=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Apr 2022 12:02:06 GMT
server: BunnyCDN-SG21-965
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"175a0d0343589473e72c6e512936d749"
vary: Accept-Encoding, Accept-Encoding
x-frame-options: DENY
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=604800
cdn-requestid: eb1c94af49c3b7320d66102881738c26
cdn-requestcountrycode: NZ
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 4FD2 4 KB
2 KB 144ms
143ms Document
text/html 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 1882
content-type: text/html
date: Tue, 31 Jan 2023 03:36:22 GMT
etag: "952dcfd8e3703b5a7e78418d51009535"
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
x-hw: 1675136182.cds207.sy2.hn,1675136182.cds020.sy2.c
x-sp-metadata: HS256.CMa14p4GEogBCiQ2MDMyOWFlZi1jMjc0LTQwOTgtYjRjMy1kZTc2NjMwMzI3NzcQ4LuY6t7p/AIaBgi2meKeBiINMTE2LjkwLjc0LjE5NyiS2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDdiNjk3NDlhLTY4NzItNDJiYi1hYzllLTY4NjQ5ZjQ4ZDM1NhjaDiIYCAISFGNkczAyMC5zeTIuaHdjZG4ubmV0.+ZGXXV1rJWNtkUe6exL1XilZ30MzHpnRUoLfnJTmPTg=

POST
H2 200 ad Show response
v.lkqd.net/ Frame 2E7C 46 KB
6 KB 612ms
611ms XHR
application/json 146.20.128.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&rnd=39619003&m=&rtv=1&thost=www.the-star.co.ke
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 32c2ce8986127dcada0ebdb96c10751428ad32f74dcad5e9d590b59982a6f24f

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4909

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 1023ms
334ms Preflight 146.20.128.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&rnd=39619003&m=&rtv=1&thost=www.the-star.co.ke
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
date: Tue, 31 Jan 2023 03:36:23 GMT
server: nginx

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
360 B 363ms
123ms XHR
image/gif 104.18.31.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=24111&v=3.975&support=1&state=default&wl=0&ref=aHR0cHM6Ly93d3cudGhlLXN0YXIuY28ua2Uv
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:22 GMT
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.the-star.co.ke
aimtell-traverse: 0
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials: true
cf-ray: 791f6716df811c5e-AKL
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 24111-eac28fb6894b.json Show response
cdn.aimtell.io/config/optin/ 436 B
798 B 1275ms
1034ms XHR
application/json 104.22.71.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/optin/24111-eac28fb6894b.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.71.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba76e6f632f82d934eaf4066d2ae0572b4c73310f02971c64090c86c31ce288

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
content-encoding: gzip
via: 1.1 a8f04f9e926f8f7592efe83b31564dfc.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: AKL50-C2
x-cache: RefreshHit from cloudfront
content-length: 322
last-modified: Sun, 27 Feb 2022 18:27:22 GMT
server: cloudflare
etag: "cf21d71d02dc060a9821146cc7a9063e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 791f6716d97f1c51-AKL
x-amz-cf-id: 2obrS2hGMvy8CCDETYDQn8y_wGFASgjy4j4hEYon-4-MnE5uf0Cj6A==

GET
H2

200

cs
cs.lkqd.net/ Frame 4FD2
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a

43 B
403 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a
date: Tue, 31 Jan 2023 03:36:23 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame 4FD2 42 B
590 B 1151ms
287ms Image
image/gif 198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:36:23 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

400

cs
cs.lkqd.net/ Frame 4FD2
Redirect Chain

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
https://a.tribalfusion.com/i.match?p=b30&u=diICJj0iUVY&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b30&u=diICJj0iUVY&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662253695692628

0
237 B

334ms
334ms

Image
text/plain

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662253695692628
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:23 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 1587
content-type: text/html
location: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662253695692628
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 791f671b4f88fb90-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 4FD2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lkq
https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA

43 B
394 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA
Date: Tue, 31 Jan 2023 03:36:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 4FD2
Redirect Chain

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i

43 B
409 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 t Show response
t.lkqd.net/ Frame 3DE9 0
166 B 334ms
333ms XHR
text/plain 146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.the-star.co.ke
date: Tue, 31 Jan 2023 03:36:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 334ms
333ms Preflight
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:22 GMT
server: nginx

GET
H2 200 open-sans-latin.woff2
surveys-static.survicate.com/fonts/ 39 KB
40 KB 708ms
235ms Font
binary/octet-stream 139.99.68.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys-static.survicate.com/fonts/open-sans-latin.woff2

Requested by

Host: surveys-static.survicate.com
URL: https://surveys-static.survicate.com/fonts/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.99.68.6 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ns564141.ip-139-99-68.net

Software

BunnyCDN-SG21-965 /

Resource Hash

a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surveys-static.survicate.com/fonts/fonts.css
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 639
x-amz-request-id: CJBGD0JSG7CZCK8B
cdn-cachedat: 01/24/2023 13:50:01
cdn-pullzone: 1133799
content-length: 39556
x-amz-id-2: UsVriHSfJsobYiF4zkNWa9GoxUGFSz9/3C3VptoPbjJMcnjpuYhcJ4ybkPuCLB0h4xwWruzxJzk=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Apr 2022 12:02:11 GMT
server: BunnyCDN-SG21-965
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "e92e9c8caaf29c4446167f6f01a78e96"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=604800
x-frame-options: DENY
cdn-requestid: c3b96f0c88b104983b03fe024f5e37e0
cdn-requestcountrycode: NZ
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 open-sans-italic-latin.woff2
surveys-static.survicate.com/fonts/ 42 KB
43 KB 1085ms
646ms Font
binary/octet-stream 139.99.68.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://surveys-static.survicate.com/fonts/open-sans-italic-latin.woff2

Requested by

Host: surveys-static.survicate.com
URL: https://surveys-static.survicate.com/fonts/fonts.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.99.68.6 , Singapore, ASN16276 (OVH, FR),

Reverse DNS

ns564141.ip-139-99-68.net

Software

BunnyCDN-SG21-965 /

Resource Hash

d2999dd8b1e89b9bb0e522a363c0feb6c1a9c6f992ba78ec8a50477245d33c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://surveys-static.survicate.com/fonts/fonts.css
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cdn-edgestorageid: 640
x-amz-request-id: 3BMQ883SBW5P0HHE
cdn-cachedat: 01/24/2023 14:40:07
cdn-pullzone: 1133799
content-length: 42540
x-amz-id-2: QRs/LbDPBxJ3rFzjPU0agPNyGjvI+psLDKZwivZC9jkIzQHZ+H2q5GaLiDJrZOVDQQaoi4vVfL8=
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Apr 2022 12:02:10 GMT
server: BunnyCDN-SG21-965
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "ca85570f0c4c6964d2a2e06fb737d020"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 039640c0-4b09-428d-a0ae-513ccdd44502
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=604800
x-frame-options: DENY
cdn-requestid: d38db4843f379854ac4c10a7b3066636
cdn-requestcountrycode: NZ
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame 54C7 36 KB
14 KB 273ms
273ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 21:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 281011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 21:32:51 GMT

GET
H3 200 Ho5JZ_GDurs Show response
www.youtube.com/embed/ Frame CC02 68 KB
27 KB 372ms
372ms Document
text/html 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

ESF /

Resource Hash

0ccc2fd2dc5be26b8c78d54d8b4943b804d95cebc6ae946c9fbac96019d191d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.the-star.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1A2A 42 B
64 B 321ms
320ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvbQJxAHkz4tdFaJuS6vZZNDhDkJzwmyjscs4boUNuE2kZV-fjJGScgzt5M_6Q4psQ2viD5ZenRhJwNVcrVjK6OcfvhTBUw7mmUhYS03NfJ6K1jJkJyroUCJ2dIavyyjpyMnU&sai=AMfl-YQBzcdtjGcapLO3NUaJ4ovHZAJAc6hN6aIpfdVg0x9ocr3zP4K2QCEkHHjfNEklNt1OBrm1hh8RyRRLzUeUpFLT2qNmEs4hiG4ayvk7Q5a2GNFDvkHgxP6n5S5ifn6WAgf2nshtPkLU1LQIGjAE&sig=Cg0ArKJSzD5En7Wf7b0_EAE&cid=CAQSTADUE5ymks5ggp7SY8PjRSLnHFBXi6wuVoLcNJLzNHagpE_MmV6UOOkiHKjeMh9RXupjHL5Ryh453QEAnh6xrb1nUBFrWLrPTKmqTqYYASAT&id=ampim&o=1135,476&d=336,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=4515&tls=5515&g=100&h=100&tt=5515&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame CC02 360 KB
49 KB 274ms
273ms Stylesheet
text/css 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 12:26:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC02 15 KB
15 KB 273ms
273ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 22:39:13 GMT
x-content-type-options: nosniff
age: 277030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 22:39:13 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CC02 15 KB
15 KB 288ms
287ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 09:45:34 GMT
x-content-type-options: nosniff
age: 150649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 09:45:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame CC02 342 KB
107 KB 409ms
408ms Script
text/javascript 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 00:04:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 00:04:29 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame CC02 2 MB
597 KB 471ms
470ms Script
text/javascript 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

sffe /

Resource Hash

f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:07:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611243
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 17:07:39 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame CC02 9 KB
3 KB 533ms
532ms Script
text/javascript 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 19:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 203690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 28 Jan 2024 19:01:33 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lkq
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA

43 B
394 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:24 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAISok7HsRkAACD4M655dA
Date: Tue, 31 Jan 2023 03:36:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 204 CookieSyncLKQD
rtb.adentifi.com/ Frame 2E7C 0
35 B 1007ms
333ms Image
text/plain 54.87.95.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.95.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-95-148.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:25 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://sync.1rx.io/usersync2/lkqd
https://sync.1rx.io/usersync2/lkqd?zcc=1&cb=1675136185064
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8601339335
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8601339335
https://sync.1rx.io/usersync/tradedesk/f39b6373-c74c-48ac-9e79-26cc6c86044e
https://sync.targeting.unrulymedia.com/csync/RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-7a057c30-d8a4-4b12-9f43-8b4c10ebb2...
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004

43 B
406 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004
date: Tue, 31 Jan 2023 03:36:27 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX7a057c30d8a44b129f438b4c10ebb24f004
content-type: text/html

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://x.bidswitch.net/sync?ssp=lkqd
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=da43dbfa-d408-40ff-b16d-0a877e6d242e&user_group=1&ssp=lkqd&bsw_param=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed%26redi...
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed

43 B
402 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=46&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Tue, 31 Jan 2023 03:36:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
location: //cs.lkqd.net/cs?partnerId=46&partnerUserId=7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D13%26partnerUserId%3D%7Bdevice_id%7D
https://cs.lkqd.net/cs?partnerId=13&partnerUserId=23a04e66-ede7-4541-a01b-4d7e1bf6dda1

43 B
401 B

334ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=13&partnerUserId=23a04e66-ede7-4541-a01b-4d7e1bf6dda1
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=13&partnerUserId=23a04e66-ede7-4541-a01b-4d7e1bf6dda1
date: Tue, 31 Jan 2023 03:36:27 GMT
server: _
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f39b6373-c74c-48ac-9e79-26cc6c86044e

43 B
402 B

336ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f39b6373-c74c-48ac-9e79-26cc6c86044e
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=f39b6373-c74c-48ac-9e79-26cc6c86044e
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 203

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=6c483055-7533-4ef4-bedf-d032975e7ceb

43 B
402 B

334ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=6c483055-7533-4ef4-bedf-d032975e7ceb
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=6c483055-7533-4ef4-bedf-d032975e7ceb
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:27 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1 403
Forbidden us.php
gu.dyntrk.com/adx/lkqd/ Frame 2E7C 0
0 706ms
234ms Image
text/html 23.106.69.73
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.106.69.73 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://media.sabio.us/imp_pixel?invsrc=11&secure=1
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2283198874896024021

43 B
390 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2283198874896024021
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2283198874896024021
date: Tue, 31 Jan 2023 03:36:27 GMT
server: Apache/2.4.23 (Unix)
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 2E7C
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=e04f504a-8b81-4922-bc06-4c098c9c42b9&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=e04f504a-8b81-4922-bc06-4c098c9c42b9&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/e04f504a-8b81-4922-bc06-4c098c9c42b9/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F
https://dpm.demdex.net/ibs:dpid=445&dpuuid=e04f504a-8b81-4922-bc06-4c098c9c42b9?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=e04f504a-8b81-4922-bc06-4c098c9c42b9

42 B
942 B

236ms
236ms

Image
image/gif

18.138.161.18

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=e04f504a-8b81-4922-bc06-4c098c9c42b9

Protocol

HTTP/1.1

Server

18.138.161.18 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v042-0ab9bba17.edge-apse.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YRC/gmDwSCg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-apse-2-v042-00e81ee4c.edge-apse.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Qc2cvf8jTzU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=445&dpuuid=e04f504a-8b81-4922-bc06-4c098c9c42b9
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=Y9iMuwAABdlZIwBh
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y9iMuwAABdlZIwBh&_test=Y9iMuwAABdlZIwBh

43 B
389 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y9iMuwAABdlZIwBh&_test=Y9iMuwAABdlZIwBh
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

x-served-by: cache-fty21380-FTY
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675136188.106761,VS0,VE0
x-cache: HIT
location: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=Y9iMuwAABdlZIwBh&_test=Y9iMuwAABdlZIwBh
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=SddPgjnMZvN4&ev=1&pid=561322

43 B
386 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=SddPgjnMZvN4&ev=1&pid=561322
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(9.4.14.v20181114)
content-language: en-NZ
location: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=SddPgjnMZvN4&ev=1&pid=561322
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-68c79bf768-t2hdb
expires: -1

GET
H2 200 464986.gif
idsync.rlcdn.com/ Frame 2E7C 42 B
449 B 606ms
319ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=diICJj0iUVY
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i

43 B
409 B

334ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=76&gdpr=0&partnerUserId=EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame 2E7C 42 B
590 B 287ms
286ms Image
image/gif 198.8.71.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.8.71.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:36:28 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a

43 B
403 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_11c70f27-23ed-433a-9041-1be966b0300a
date: Tue, 31 Jan 2023 03:36:28 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUser...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partn...
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a

43 B
412 B

333ms
333ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:31 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Tue, 31 Jan 2023 03:36:31 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=7dfa44d4-d64d-443a-abed-2a8647a9a7cd-63d88cbd-4e5a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 2E7C
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=v
https://s.ad.smaato.net/c/?adExInit=v&cookieCheck=1
https://cs.lkqd.net/cs?partnerId=109&partnerUserId=da54b067

43 B
383 B

334ms
332ms

Image
image/gif

146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=da54b067
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:29 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Tue, 31 Jan 2023 03:36:29 GMT
via: 1.1 55c8386ba54fbe8ac7d89b90344d4344.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN52-C3
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.lkqd.net/cs?partnerId=109&partnerUserId=da54b067
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 0nPvhOH_vPP5cYMS2usKpLFgo9G18oct3NYpPc_6XLL6bJLgMTjQWA==

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTMxOGY4YjgtNWQ3ZS02NTc3LTZlY2QtMDUzN2U4NWUyZDI1

0
0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1007 B
874 B 716ms
237ms XHR
application/xml 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C59644044617734145611643508516%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 73d4f9703605d25c6ff552c150f864c6229a772de3e4de5909c951c0a860753b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 627
expires: Tue, 31 Jan 2023 03:36:24 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1006 B
873 B 716ms
238ms XHR
application/xml 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561528005939%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: df4a99abc9b4988a7aef5177049adadd3432c015430b1c6737b869e4d68d7e8d

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 626
expires: Tue, 31 Jan 2023 03:36:24 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1007 B
873 B 716ms
239ms XHR
application/xml 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C59644044617734145611579860765%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 834cdaa7a3990d13c225428b95ad437992e1ad81d5e854c77d3aca4da0f8c064

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 626
expires: Tue, 31 Jan 2023 03:36:24 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1006 B
871 B 714ms
237ms XHR
application/xml 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C1323446375964404461773414561%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7189452b73f00079dc3b9672d2e3506d78582eed701f9a1ecbe698ab8d4c45f5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:24 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 624
expires: Tue, 31 Jan 2023 03:36:24 GMT

GET
H3 200 css
fonts.googleapis.com/ 28 KB
1 KB 278ms
278ms Stylesheet
text/css 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i

Requested by

Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

1700f83003b043d183ab54ed4925d06ec9f28639c45cd8444c85403acaeab533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 03:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 03:36:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 03:36:24 GMT

GET
H3 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 273ms
272ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 23:14:19 GMT
x-content-type-options: nosniff
age: 15725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 23:14:19 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 317ms
316ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 21:45:20 GMT
x-content-type-options: nosniff
age: 193864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:45:20 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 389ms
389ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 15:05:22 GMT
x-content-type-options: nosniff
age: 131462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 15:05:22 GMT

GET
H3 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 464ms
463ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 05:01:23 GMT
x-content-type-options: nosniff
age: 167701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 05:01:23 GMT

GET
H3 200 u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 530ms
530ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i,800|Merriweather:300,300i,400,400i,700,700i

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.the-star.co.ke
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 17:28:58 GMT
x-content-type-options: nosniff
age: 36446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19900
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 17:28:58 GMT

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame 88FE 325 B
486 B 1013ms
307ms Document
text/html 23.53.160.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.160.138 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-53-160-138.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer: https://www.the-star.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 325
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:25 GMT
expires: Tue, 31 Jan 2023 03:36:25 GMT
pragma: no-cache
server: akka-http/10.2.9

GET
H2 200 track
t.teads.tv/ 23 B
113 B 1024ms
313ms Image
image/gif 23.36.49.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=b0f8fefc-6b40-4111-95ae-93110309ceb6&pageId=74198&pid=80284&debug_metadata=7TxeakG5lI&fv=1125&ts=1675136184725&f=1&referer=https%3A%2F%2Fwww.the-star.co.ke%2F
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.49.63 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-49-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:29 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 955ms
316ms Image
image/gif 23.36.49.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=b0f8fefc-6b40-4111-95ae-93110309ceb6&pageId=74198&pid=80284&fv=1125&ts=1675136184757&f=1&referer=https%3A%2F%2Fwww.the-star.co.ke%2F
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.49.63 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-49-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 31 Jan 2023 03:36:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 suppression Show response
beacon.aimtell.com/ 1 B
100 B 127ms
126ms XHR
text/plain 104.18.31.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.aimtell.com/suppression?id_sites=0
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.the-star.co.ke/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 31 Jan 2023 03:36:25 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.the-star.co.ke
access-control-allow-credentials: true
cf-ray: 791f67262f161c5e-AKL
access-control-allow-headers: Content-Type, *
content-length: 1

OPTIONS
H2 200 suppression
beacon.aimtell.com/ Frame 0
0 448ms
129ms Preflight
text/plain 104.18.30.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.aimtell.com/suppression?id_sites=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: https://www.the-star.co.ke
cf-ray: 791f67254cfefb7c-AKL
content-length: 1
content-type: text/plain;charset=UTF-8
date: Tue, 31 Jan 2023 03:36:25 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame CC02 113 B
159 B 275ms
274ms XHR
application/json 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

c25381e9997d83d9fa63a7da1f9a80511f6d8f2fb4f6ba65bf501111c6fb0a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CC02 29 B
494 B 823ms
273ms Script
text/javascript 74.125.68.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f148.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:35:05 GMT
x-content-type-options: nosniff
age: 80
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Jan 2023 03:50:05 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 825ms
274ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Jan 2023 03:36:25 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CC02 66 KB
31 KB 281ms
280ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

97a48d7df1d7a3276468f06778c4ecae0a2960d9273c92a918b44e5b1ba32281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame CC02 119 KB
36 KB 274ms
273ms Script
text/javascript 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

sffe /

Resource Hash

f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 04:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37215
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 04:46:34 GMT

GET
H2 200 x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js Show response
www.google.com/js/th/ Frame CC02 36 KB
14 KB 274ms
273ms Script
text/javascript 142.251.12.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f147.1e100.net

Software

sffe /

Resource Hash

c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 293599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14250
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 18:03:06 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/ Frame CC02 26 KB
8 KB 272ms
272ms Script
text/javascript 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

sffe /

Resource Hash

39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:07:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8333
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 17:07:36 GMT

GET
DATA 200
OK truncated
/ Frame CC02 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AL5GRJW5DQchdXrILTss89eYliMIiSfZQWy7zxblw1C-=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CC02 3 KB
3 KB 274ms
273ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AL5GRJW5DQchdXrILTss89eYliMIiSfZQWy7zxblw1C-=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

fife /

Resource Hash

0be58fb0639cde895aefea4feddde840395c6ce1bf28345678042f3b031a104d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 01:12:12 GMT
x-content-type-options: nosniff
age: 8653
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3248
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Jan 2023 17:25:11 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Ho5JZ_GDurs/ Frame CC02 56 KB
56 KB 824ms
276ms Image
image/jpeg 142.251.12.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Ho5JZ_GDurs/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.119 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f119.1e100.net

Software

sffe /

Resource Hash

338a602cb3254711ed6a55c3b075b0afdaa0c9bddae56ad3ad9ef856d1bba66d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:25 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57167
x-xss-protection: 0
server: sffe
etag: "1675102162"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Jan 2023 03:41:25 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 333ms
333ms Preflight
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:25 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 3DE9 0
166 B 336ms
335ms XHR
text/plain 146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.the-star.co.ke
date: Tue, 31 Jan 2023 03:36:25 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid_3f2ac009.js Show response
vpaid.springserve.com/production/ Frame 8517 508 KB
89 KB 880ms
268ms Script
application/javascript 13.227.254.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_3f2ac009.js
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.254.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-254-33.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 089c15f9c5cc71bf13afab16ff186c621b8efe3a36008fc1ece77d3cab6bc29a

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 19:09:26 GMT
content-encoding: br
via: 1.1 c2e4ac979e01c116ae8349b7d6d1489a.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 18:57:54 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
age: 1585624
etag: W/"ab292b9197bd5823a718eb91260e7821"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: MteUYJki5_6jSGkccTZhiOO4Yw8XhtsMRsJbp5kMpRGfmS4Vva0kAA==

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 334ms
332ms Preflight
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:25 GMT
server: nginx

POST
H2 200 t Show response
t.lkqd.net/ Frame 3DE9 0
166 B 334ms
334ms XHR
text/plain 146.20.128.159
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.159 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.the-star.co.ke
date: Tue, 31 Jan 2023 03:36:25 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 24111-eac28fb6894b.json Show response
cdn.aimtell.io/config/ 191 B
383 B 1049ms
1048ms XHR
application/json 104.22.71.231
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/24111-eac28fb6894b.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.71.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c82984d6351e635cc9422937680205eccf44b662dd84d0a966f3dc98f2253618

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
content-encoding: gzip
via: 1.1 e9c8d276f421905f667fd6c87a5a6a8c.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: AKL50-C2
x-cache: RefreshHit from cloudfront
content-length: 148
last-modified: Thu, 15 Jul 2021 08:40:08 GMT
server: cloudflare
etag: "ef41079d3457a8c0bcc85d4e81fa2cef"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 791f67275d8c1c51-AKL
x-amz-cf-id: Dq7ACPf_1b22kZ8uBR7e0LTbRI7l__ImPh2SI528RFQApd3y-Tyt2Q==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CC02 4 KB
2 KB 275ms
274ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:25 GMT

GET
H3

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,

48 B
78 B

244ms
244ms

XHR
text/xml

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,
Requested by: Host: www.the-star.co.ke
URL: https://www.the-star.co.ke/
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:26 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.the-star.co.ke
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 31 Jan 2023 03:36:26 GMT
via: 1.1 google
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,
access-control-allow-origin: https://www.the-star.co.ke
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame CC02 50 KB
15 KB 274ms
273ms Script
text/javascript 64.233.170.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f94.1e100.net

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 31 Jan 2023 21:44:17 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CC02 90 B
134 B 277ms
277ms XHR
application/json+protobuf 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

713bb882ed3d1ce567619ffef5902d0e63e98644e61677d9b600a7d5a5722df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 31 Jan 2023 03:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 273ms
273ms Preflight
text/html 142.251.12.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f95.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 31 Jan 2023 03:36:26 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame CC02 28 B
50 B 280ms
279ms XHR
application/json 74.125.24.93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.93 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f93.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time: 1675136188551
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Ho5JZ_GDurs?playsinline=1&enablejsapi=1&origin=https%3A%2F%2Fwww.the-star.co.ke&widgetid=1
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtsZnBJUDRwZmphdyi3meKeBg%3D%3D
X-YouTube-Ad-Signals: dt=1675136184545&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C610%2C343&vis=1&wgl=true&ca_type=image&bid=ANyPxKpecKWRjTtL8tJED7qXErfcaQicFyR-XVP5TEI1wJj16ZaY0CQEkmuPBm4gzSQcJZHmwi-kUdfzXTwVbi63MZJVyXtz8w

Response headers

date: Tue, 31 Jan 2023 03:36:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
13 KB 281ms
279ms XHR
application/json 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

cafe /

Resource Hash

c422d5cfe6ea0794a8fc744aae62f7629b3ebaeb463f95735e9e8bd30a7097f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12684
x-xss-protection: 0

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 8517 978 B
852 B 237ms
237ms XHR
application/xml 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0,1!vidoomy.com,63457,1,1675136183751,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3f2ac009.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f817c9a060043152dfc50f0fa3b4d5854e48bf7f19ee71da2298c4051c8a0e19

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:29 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 605
expires: Tue, 31 Jan 2023 03:36:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1435ms
1435ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 03:36:30 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame D16A 158 KB
37 KB 236ms
236ms Script
application/javascript 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0,1!vidoomy.com,63457,1,1675136183751,,
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 06:03:39 GMT
server: Apache
etag: "277a2-5e7fbf52bc8c8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38047

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B523 38 KB
14 KB 235ms
234ms Document
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0,1!vidoomy.com,63457,1,1675136183751,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=117199
content-encoding: gzip
content-length: 13968
content-type: text/html
date: Tue, 31 Jan 2023 03:36:30 GMT
expires: Wed, 01 Feb 2023 12:09:49 GMT
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D16A 38 KB
14 KB 236ms
235ms Script
text/html 104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0,1!vidoomy.com,63457,1,1675136183751,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=117199
accept-ranges: bytes
content-length: 13968
expires: Wed, 01 Feb 2023 12:09:49 GMT

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame D16A 27 B
553 B 1255ms
239ms XHR
application/xml 103.231.98.191

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0,1!vidoomy.com,63457,1,1675136183751,,&us_privacy=&cb=1675136190309&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.the-star.co.ke%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.the-star.co.ke%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-1-31%203:36:30&ranreq=0.4982993394561228&timezone=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&schain=1.0,1!vidoomy.com,63457,1,1675136183751,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.191 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:31 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://www.the-star.co.ke
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B523 2 KB
3 KB 707ms
234ms Script
text/html 103.231.98.196

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=29442595&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f54b2571c0eb99bc9924905f84832c8d1daffc85921a657cfde12490261f3a6

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8818 13 KB
5 KB 274ms
273ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.the-star.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
age: 467030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 17:52:41 GMT
expires: Thu, 25 Jan 2024 17:52:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A7F0 783 B
536 B 276ms
275ms Document
text/html 142.251.12.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f147.1e100.net

Software

GSE /

Resource Hash

d873ec282f43f74190b7c2eb8008c28f693ca6e816f6f8a0659847b119acd53e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C5FPmvKIqTLRxzoHdMuZOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.the-star.co.ke/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-C5FPmvKIqTLRxzoHdMuZOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 03:36:31 GMT
expires: Tue, 31 Jan 2023 03:36:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A7F0 0
0 318ms
318ms Image
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=2401235701464617&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame 8818 36 KB
14 KB 273ms
272ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f155.1e100.net

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 21:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 281020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 21:32:51 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 9182
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=9D305EF6-D522-44CA-9602-0AFDC25294F5&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9D305EF6-D522-44CA-9602-0AFDC25294F5&gdpr=0&gdpr_consent=

35 B
467 B

264ms
264ms

Document
image/gif

185.84.60.23

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9D305EF6-D522-44CA-9602-0AFDC25294F5&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Tue, 31 Jan 2023 03:36:32 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Tue, 31 Jan 2023 03:36:32 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=9D305EF6-D522-44CA-9602-0AFDC25294F5&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1F0B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a52363d8-8cc0-4300-ad55-d9bbdb25f936&gdpr=0&gdpr_consent=

42 B
327 B

235ms
235ms

Document
image/gif

103.231.98.194

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a52363d8-8cc0-4300-ad55-d9bbdb25f936&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.194 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 31 Jan 2023 03:36:32 GMT
Expires: Tue, 31 Jan 2023 03:36:31 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 404 ce67235 master hkg-pixel-x4 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:a52363d8-8cc0-4300-ad55-d9bbdb25f936&gdpr=0&gdpr_consent=

GET
H2 200 b9pj45k4 Show response
sync-tm.everesttech.net/upi/pid/ Frame A63F 85 B
259 B 336ms
335ms Document
image/png 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Tue, 31 Jan 2023 03:36:31 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fty21380-FTY
x-timer: S1675136192.769815,VS0,VE17

GET

Pug
simage2.pubmatic.com/AdServer/ Frame F584
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1963036234330670071&gdpr=0&gdpr_consent=

0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B6AB
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nfPo-ZOj7vaG8-mkkvmh8Mqj7fSG-O_5yfkLu26C

42 B
340 B

708ms
236ms

Document
image/gif

67.199.150.86

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nfPo-ZOj7vaG8-mkkvmh8Mqj7fSG-O_5yfkLu26C
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Tue, 31 Jan 2023 03:36:31 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=nfPo-ZOj7vaG8-mkkvmh8Mqj7fSG-O_5yfkLu26C
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B523
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nTBe9tUiRMqWAgr9wlKU9Q%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

4 KB
4 KB

235ms
234ms

Image
text/html

104.65.228.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 104.65.228.208 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-65-228-208.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:32 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=27940
accept-ranges: bytes
content-length: 5554
expires: Tue, 31 Jan 2023 11:22:12 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

liveramp.com
pippio.com/api/ Frame B523
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=9D305EF6-D522-44CA-9602-0AFDC25294F5
https://pippio.com/api/sync?pid=5324&it=1&iv=c6bbf52aa6e7d705492908579bb90969e9ba0f60758b9967ab67beba1fccd4ff791426b5417dce21&_=2
https://pippio.com/api/liveramp.com

0
0

GET
H/1.1 200
OK info
uipglob.semasio.net/pubmatic/1/ Frame B523 42 B
220 B 818ms
278ms Image
image/gif 119.9.108.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9D305EF6-D522-44CA-9602-0AFDC25294F5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 119.9.108.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

uip-response-status: FallbackResponse
date: Tue, 31 Jan 2023 03:36:29 GMT
frontend-id: 0
content-length: 42
routing-server-id: 1
content-type: image/gif

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B523
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzMDVFRjYtRDUyMi00NENBLTk2MDItMEFGREMyNTI5NEY1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

662ms
236ms

Image
image/gif

67.199.150.86

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B523
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJoj0Z3KQk47UOsrJwEgCg&google_cver=1

42 B
528 B

660ms
235ms

Image
image/gif

67.199.150.86

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJoj0Z3KQk47UOsrJwEgCg&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAJoj0Z3KQk47UOsrJwEgCg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame B523 43 B
612 B 824ms
272ms Image
image/gif 34.124.209.251

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.124.209.251 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 30 Jan 2023 03:36:32 GMT

GET
H2 200 9D305EF6-D522-44CA-9602-0AFDC25294F5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B523 43 B
602 B 243ms
240ms Image
image/gif 13.228.93.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/9D305EF6-D522-44CA-9602-0AFDC25294F5?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.228.93.73 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-228-93-73.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B523
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f39b6373-c74c-48ac-9e79-26cc6c86044e&gdpr=0&gdpr_consent=

42 B
507 B

707ms
235ms

Image
image/gif

103.231.98.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f39b6373-c74c-48ac-9e79-26cc6c86044e&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 103.231.98.194 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 31 Jan 2023 03:36:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 03:36:31 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f39b6373-c74c-48ac-9e79-26cc6c86044e&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET

SPug
image4.pubmatic.com/AdServer/ Frame B523
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9D305EF6-D522-44CA-9602-0AFDC25294F5&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JItWvr5E2uUdFqsqm9hARYH_kESEm7U-~A&gdpr=0

0
0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8818 0
10 B 273ms
272ms Image
text/plain 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3a9UAA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 track
st.pubmatic.com/ Frame D16A 0
91 B 715ms
234ms Image
text/plain 67.199.150.90

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1675136192&wa=0&vadsId=-1&e=95&vc=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST
H2 200 i Show response
vid-io-pdx.springserve.com/vd/ Frame 8517 0
152 B 1004ms
303ms XHR
text/plain 52.34.92.83

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-pdx.springserve.com/vd/i?suuid=f74b0d3e&ps_id=357265&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3f2ac009.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.92.83 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.the-star.co.ke
date: Tue, 31 Jan 2023 03:36:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

POST
H2 200 i Show response
vid-io-pdx.springserve.com/vd/ Frame 8517 0
153 B 874ms
302ms XHR
text/plain 52.34.92.83

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-pdx.springserve.com/vd/i?suuid=f74b0d3e&ps_id=357265&batch=2
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3f2ac009.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.92.83 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.the-star.co.ke
date: Tue, 31 Jan 2023 03:36:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
access-control-allow-methods: GET, OPTIONS

GET
H2 200 track
st.pubmatic.com/ Frame 8517 0
49 B 235ms
234ms Image
text/plain 67.199.150.90

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1675136189&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.90 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 31 Jan 2023 03:36:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST t
t.lkqd.net/ Frame 3DE9 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 333ms
333ms Preflight
text/plain 146.20.128.152
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.152 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.the-star.co.ke
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://www.the-star.co.ke
access-control-expose-headers: Content-Type, Content-Disposition
access-control-max-age: 300
cache-control: max-age=300
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 31 Jan 2023 03:36:33 GMT
server: nginx

GET track
st.pubmatic.com/ Frame 8517 0
0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 328ms
328ms Image
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=2401235701464617&bg=!iIuli8_NAAbFy4Ck5cs7ACkAdvg8WjwPT0H_TCcDnt64Lk_p3DcK9DBzThemxF1HbJNSvQ07GeTlMgIAAABwUgAAAANoAQcKAKcQL0_SmhTkN5xMXtK5SaNnBTdorfP5Tc8EnGzuqb3SToyffGq0lLnxEGbZ4XxE4lCmIisju_2LUaHfXeN-wE1CyQVA47KJeIVRFDYpTpYmGqFI8LNxFGZ6QG2AB0BizqVbavO_yDAR1VmEy6N4dCQx0UKGTuftlCr7R-ZysD0FGA-J4LRgpIoY3BtVgQLd2hmL-HP1zJx5azQStiarUP2_QCoqPOYkYZkCrk5iNFDZKmE68sGX40zxV8bnZ8pbpDJgYfBPyqfijHwnqcKl1Dt5HL04O0r7jGuGJ_EinylmayutofmipLMC9t7K4M5-LBioPzDozz639U1eK-7evS1L-EF-mA1_Wa3sK3xJ6hZ-EOaOHTSgnifv8tAOrwbEeL8c8FAucLuPpyvOVXy6FWwdvk83KeuGUZBClQMgrJuIHlCcAu9nEA9KoD9u31iyHPS0CtMB6inycIxw25G74PMZPII0sCWvHhQq_PZw92p9Gmssvewrj7cTy3cCQF8cwEQGc3Cx602Lu72-fLpk844F0HJFT52ytrycTDpDqjNoMbFeS6MGRodD0YvoEGEF8kvYWVnMRGrK70-nOeq_EuXl7OhR99C7VgcnGls909V7SVpYmIT-SXLalrZObAChY7GjDsvO4FwuRQ_iGKbsa6FFZ_3l6dSmGyKJ69dj_LdBcrnGJvhEMenebGKHhgyxWLn7r7LxNa0_F3Q_7fDgEnXYbnXCHuhNqCLE0h98hzqpltFrE3toQnmPV8NUKjO6_QkAk5-fxrdgTvdg7TArw2C7a_zcgVq34wxHkD5TDNBDtYzP3V1gQiJWmjmnv-XgQNeK66UIYZfDa1eSIFkEkzHRw13-p5K5gnqvfywtkkBtDom2HyY154dnd6T1xpOYbA9UQWySG57A4uGtfQ3MWm7kT1gHNyjgXpKCmJ5h8zVQnOVtj6MvAsgd9rKJLN8vYvzBWVZMVs8YLctyTCl9Iky2lgKi9YX_DQ9vfyrgitZZDN7efsRDqmuil8pxIOv11KjOSFkLUxHJxh87i1mxsX2BLmxEqjioG_EffXcg5VwltPv4H3HjZl-T_U-ZojJy8wqq8gR5BHQmWKPqM7f12cLVXelC28rW7eDaHqMzT0NodLfAXY0y4UZ5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.the-star.co.ke/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 200 ad
v.lkqd.net/ Frame C3A8 2 KB
2 KB 350ms
350ms XHR
application/xml 146.20.128.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&rnd=45094441&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:34 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.the-star.co.ke
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1412

GET
H2 200 vpaid.js
ad.lkqd.net/vpaid/ Frame 6B19 230 KB
61 KB 144ms
143ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 03:36:34 GMT
content-encoding: gzip
x-sp-metadata: HS256.CNK14p4GEogBCiQyZjRmNDc2MS03MmUzLTRmNzctODE4YS1jZjlmNzYxOWViMmYQ4LuY6t7p/AIaBgjCmeKeBiINMTE2LjkwLjc0LjE5NyiS2QIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGNkNWM3MDU0LTBlNDktNDI0NC1iODY4LTcxMjQzYjgzNzdiMxjF5AMiGAgCEhRjZHMyMDUuc3kyLmh3Y2RuLm5ldA==.2eZr7IfWGrHShyuepCsPs3I168aQ5YDevegZFX+pCJc=
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
etag: "88ca76abee51b1544e17b021f04aaaed"
x-hw: 1675136194.cds207.sy2.hn,1675136194.cds205.sy2.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62021

GET usync.html
ad.lkqd.net/cookie-sync/ Frame BEFB 0
0

POST ad
v.lkqd.net/ Frame 6B19 0
0

OPTIONS ad
v.lkqd.net/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: myjobsinkenya.com
URL: https://myjobsinkenya.com/api/fetch/jobs

Domain: tt.onthe.io
URL: https://tt.onthe.io/xyfkqvVtTBnP/ht.json

Domain: cs.krushmedia.com
URL: https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=lPAv2QEw2zo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D

Domain: cs.krushmedia.com
URL: https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=rU6QyD6aLFo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTMxOGY4YjgtNWQ3ZS02NTc3LTZlY2QtMDUzN2U4NWUyZDI1

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1963036234330670071&gdpr=0&gdpr_consent=

Domain: pippio.com
URL: https://pippio.com/api/liveramp.com

Domain: image4.pubmatic.com
URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-JItWvr5E2uUdFqsqm9hARYH_kESEm7U-~A&gdpr=0

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: st.pubmatic.com
URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1675136189&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]

Domain: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&rnd=45094441&m=&rtv=1&thost=www.the-star.co.ke

Domain: v.lkqd.net
URL: https://v.lkqd.net/ad?pid=430&sid=1169236&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.the-star.co.ke%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C63457%2C1%2C&c4=true&c5=&c6=63457&rnd=45094441&m=&rtv=1&thost=www.the-star.co.ke

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.the-star.co.ke/	1969-12-31 23:59:59	Name: session Value: "eyJyZXR1cm5fdXJsIjoiaHR0cHM6Ly93d3cudGhlLXN0YXIuY28ua2UvIn0\075\|1675136170\|61d07259d883e84a3551164d467cdcaf41204e2a"
www.the-star.co.ke/	1970-01-20 09:20:22	Name: _io_ht_r Value: 1
.the-star.co.ke/	1970-01-20 18:46:53	Name: _hp2_id.2240579796 Value: %7B%22userId%22%3A%221685113199417527%22%2C%22pageviewId%22%3A%225945422048486440%22%2C%22sessionId%22%3A%226714582131408909%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.the-star.co.ke/	1970-01-20 18:54:56	Name: _ga_YVV0QW5VF1 Value: GS1.1.1675136176.1.0.1675136176.60.0.0
.the-star.co.ke/	1970-01-20 18:54:56	Name: _ga Value: GA1.1.1629641582.1675136176
.the-star.co.ke/	1970-01-20 18:40:32	Name: __gads Value: ID=d71c61d8988dfa2f:T=1675136176:S=ALNI_MZHTydL2EhBcE-uOmzWBXjXxh1flw
.the-star.co.ke/	1970-01-20 18:40:32	Name: __gpi Value: UID=00000bb18ac73d5d:T=1675136176:RT=1675136176:S=ALNI_MY_903uHFAvuALaLp3n95IVXRt7jg
.doubleclick.net/	1970-01-20 18:54:56	Name: IDE Value: AHWqTUkreqQMJMQGF2uEp9dUTucMOAtyR6f8G6BZpqKFBF7ya530oUKbfujDOaoWCh0
.yahoo.com/	1970-01-20 18:04:53	Name: A3 Value: d=AQABBLKM2GMCEADURyJP7fXgZ1amrcLdLCsFEgEBAQHe2WPiYwAAAAAA_eMAAA&S=AQAAAgm6h6bz9Bb4CINYW_ljgzM
.ads.stickyadstv.com/	1970-01-20 10:02:08	Name: UID Value: 1dba4d76d3f63e746c108df6113fc4e3
.bidswitch.net/	1970-01-20 18:04:32	Name: tuuid Value: 7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed
.bidswitch.net/	1970-01-20 18:04:32	Name: c Value: 1675136178
.bidswitch.net/	1970-01-20 18:04:32	Name: tuuid_lu Value: 1675136178
.analytics.yahoo.com/	1970-01-20 18:04:32	Name: IDSYNC Value: 1982~29q3
.turn.com/	1970-01-20 13:38:08	Name: uid Value: 2465643327094786842
.lkqd.net/	1970-01-20 18:04:32	Name: sr103 Value: 1\|\|1675136179
.lkqd.net/	1970-01-20 18:04:32	Name: lkqdidts Value: 1675136179
.lkqd.net/	1970-01-20 18:04:32	Name: sr102 Value: 1\|\|1675136179
.lkqd.net/	1970-01-20 18:04:32	Name: sr94 Value: 1\|2537700921132714778\|1675136179
.lkqd.net/	1970-01-20 18:04:32	Name: lkqdid Value: diICJj0iUVY
sync.srv.stackadapt.com/	1970-01-20 18:04:32	Name: sa-user-id Value: s%3A0-b39fe576-5dbf-40d9-547f-5803f882939a.za2KHXY8XmeZ323%2FU1ahl808jplYMmy%2F8IX4mCLd84o
.srv.stackadapt.com/	1970-01-20 18:04:32	Name: sa-user-id-v2 Value: s%3As5_ldl2_QNlUf1gD-IKTmnRaSsU.kaO4tnnvlxF4jsjk%2FnYxb7b3suz3p6XY04%2B83Vf7cNE
.lkqd.net/	1970-01-20 18:04:32	Name: sr54 Value: 1\|d23b58aa-347e-4b12-add3-4f322c0a9f37\|1675136179
.lkqd.net/	1970-01-20 18:04:32	Name: sr93 Value: 1\|s5_ldl2_QNlUf1gD-IKTmnRaSsU\|1675136179
.vidoomy.com/	1970-01-20 18:04:32	Name: vidoomy-uids Value: eyJ1aWRzIjp7IllBSCI6eyJ1aWQiOiJ5LVYxWjNoMWRFMnVGdll4U2w5TFMzTXZyTFZ0azNtS3lhRlJuWjlGRS1-QSIsImV4cGlyZXMiOjE2Nzc3MjgxODB9fX0=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: E9_Phky56iA
.youtube.com/	1970-01-20 13:38:08	Name: VISITOR_INFO1_LIVE Value: lfpIP4pfjaw
.youtube.com/	1970-01-20 13:38:08	Name: DEVICE_INFO Value: ChxOekU1TkRZMU5URXhORFl3TWpFNE9UUTFPQT09ELWZ4p4GGLWZ4p4G
.the-star.co.ke/	1970-01-20 09:18:57	Name: _hp2_ses_props.2240579796 Value: %7B%22ts%22%3A1675136176533%2C%22d%22%3A%22www.the-star.co.ke%22%2C%22h%22%3A%22%2F%22%7D
.doubleclick.net/	1970-01-20 09:18:59	Name: DSID Value: NO_DATA
.lkqd.net/	1970-01-20 18:04:32	Name: sr85 Value: 1\|\|1675136182
.adhaven.com/	1970-01-20 18:54:56	Name: uid Value: 4c_11c70f27-23ed-433a-9041-1be966b0300a
.quantserve.com/	1970-01-20 11:28:32	Name: d Value: EFEBDQGXKKvLkwA
.quantserve.com/	1970-01-20 18:49:10	Name: mc Value: 63d88cb7-3ee99-1aca5-8c8b9
.tribalfusion.com/	1970-01-20 11:28:32	Name: ANON_ID Value: aJnr6ip26Ub8e4OCbB8ZbZbr3yUHAgRsKfZbldPRD3LPnOcwZclQWS6ZdbZaWgFZcSIHY0xrVJNGWbT
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrQ0NzKwMDEwszA3MDAFQiNTIT5D3UQLC11Ds8jSLD-zPAB_uY_YJQAAAA
.rfihub.com/	1970-01-20 18:40:32	Name: rud Value: H4sIAAAAAAAA_-MSNrQ0NzKwMDEwszA3MDAFQiNTIT5D3UQLC11Ds8jSLD-zPAB_uY_YJQAAAA
.bidr.io/	1970-01-20 18:47:26	Name: bito Value: AAISok7HsRkAACD4M655dA
.bidr.io/	1970-01-20 18:47:26	Name: bitoIsSecure Value: ok
.lkqd.net/	1970-01-20 18:04:32	Name: sr6 Value: 1\|\|1675136183
.lkqd.net/	1970-01-20 18:04:32	Name: sr25 Value: 1\|\|1675136183
.lkqd.net/	1970-01-20 18:04:32	Name: sr45 Value: 1\|\|1675136183
.lkqd.net/	1970-01-20 18:04:32	Name: sr55 Value: 1\|\|1675136183
.lkqd.net/	1970-01-20 18:04:32	Name: sr86 Value: 1\|\|1675136183
.lkqd.net/	1970-01-20 18:04:32	Name: sr97 Value: 1\|\|1675136183
.lkqd.net/	1970-01-20 18:04:32	Name: sr80 Value: 1\|AAISok7HsRkAACD4M655dA\|1675136184
.openx.net/	1970-01-20 18:04:32	Name: i Value: acdb142b-3d8e-0424-21fb-9766469bd0b8\|1675136184
www.the-star.co.ke/	1970-01-20 11:42:56	Name: _aimtellSubscriberID Value: 0ff95fbb-1ceb-a9df-681f-587162497ac1
.openx.net/	1970-01-20 09:40:32	Name: pd Value: v2\|1675136184\|vO
pool.admedo.com/	1970-01-20 18:04:32	Name: tuuid Value: da43dbfa-d408-40ff-b16d-0a877e6d242e
pool.admedo.com/	1970-01-20 18:04:32	Name: c Value: 1675136185
pool.admedo.com/	1970-01-20 18:04:32	Name: tuuid_lu Value: 1675136185
.adsrvr.org/	1970-01-20 18:04:32	Name: TDID Value: f39b6373-c74c-48ac-9e79-26cc6c86044e
.lkqd.net/	1970-01-20 18:04:32	Name: sr12 Value: 1\|7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed\|1675136186
.adsrvr.org/	1970-01-20 18:04:32	Name: TDCPM Value: CAEYASABKAIyCwj4lIWF4tHBOxAFOAFaB2UwZDZxNWpgAg..
.1rx.io/	1970-01-20 18:04:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004%22%2C%22nxtrdr%22%3Afalse%7D
.lkqd.net/	1970-01-20 18:04:32	Name: sr43 Value: 1\|7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed\|1675136186
.lkqd.net/	1970-01-20 18:04:32	Name: sr22 Value: 1\|f39b6373-c74c-48ac-9e79-26cc6c86044e\|1675136186
.lkqd.net/	1970-01-20 18:04:32	Name: sr46 Value: 1\|7eb4bf8d-d8d5-4f2c-87f5-a9b71f505bed\|1675136187
.tidaltv.com/	1970-01-20 18:04:32	Name: tidal_ttid Value: e04f504a-8b81-4922-bc06-4c098c9c42b9
.csync.loopme.me/	1970-01-20 11:27:05	Name: viewer_token Value: 23a04e66-ede7-4541-a01b-4d7e1bf6dda1
.lkqd.net/	1970-01-20 18:04:32	Name: sr23 Value: 1\|6c483055-7533-4ef4-bedf-d032975e7ceb\|1675136187
.sabio.us/	1970-01-20 18:04:32	Name: sbid Value: 2283198874896024021
.rlcdn.com/	1970-01-20 18:04:32	Name: rlas3 Value: LyCAoH0ZXN/m7MljHvtrp4DG9VGFqWSSxP/4ng64Fxc=
.rlcdn.com/	1970-01-20 10:45:20	Name: pxrc Value: CAA=
.everesttech.net/	1970-01-20 18:04:32	Name: everest_g_v2 Value: g_surferid~Y9iMuwAABdlZIwBh
.targeting.unrulymedia.com/	1970-01-20 18:04:32	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004%22%7D
.lkqd.net/	1970-01-20 18:04:32	Name: sr13 Value: 1\|23a04e66-ede7-4541-a01b-4d7e1bf6dda1\|1675136187
.contextweb.com/	1970-01-20 17:57:20	Name: V Value: SddPgjnMZvN4
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 46ad9a5d3c234b41
.lkqd.net/	1970-01-20 18:04:32	Name: sr39 Value: 1\|2283198874896024021\|1675136188
.lkqd.net/	1970-01-20 18:04:32	Name: sr7 Value: 1\|RX-7a057c30-d8a4-4b12-9f43-8b4c10ebb24f-004\|1675136188
.scorecardresearch.com/	1970-01-20 18:54:56	Name: UID Value: 1D1292f2906f6fe31ca2e031675136188
.lkqd.net/	1970-01-20 18:04:32	Name: sr53 Value: 1\|SddPgjnMZvN4\|1675136188
.lkqd.net/	1970-01-20 18:04:32	Name: sr76 Value: 1\|EAMlNB5TIzsLAyRpHwlsPUdTIDkLCCI0RAl3cA6i\|1675136188
.lkqd.net/	1970-01-20 18:04:32	Name: sr52 Value: 1\|Y9iMuwAABdlZIwBh\|1675136188
.lkqd.net/	1970-01-20 18:04:32	Name: sr90 Value: 1\|4c_11c70f27-23ed-433a-9041-1be966b0300a\|1675136188
.smaato.net/	1970-01-20 09:49:10	Name: SCM Value: da54b067
.smaato.net/	1970-01-20 09:34:03	Name: SCMv Value: da54b067
.sitescout.com/	1970-01-20 18:04:32	Name: ssi Value: 7dfa44d4-d64d-443a-abed-2a8647a9a7cd#1675136189160
.lkqd.net/	1970-01-20 18:04:32	Name: sr109 Value: 1\|da54b067\|1675136189
.sitescout.com/	1970-01-20 10:02:08	Name: _ssuma Value: eyIzOSI6MTY3NTEzNjE4OTU0OCwiNyI6MTY3NTEzNjE4OTU0OCwiNzUiOjE2NzUxMzYxODk1NDh9
.tidaltv.com/	1970-01-20 18:04:32	Name: sync-his Value: "H4sIAAAAAAAAADM0Nja3tDI0tNA1NDXVNTQyBwC1EklKEQAAAA=="

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://polls.the-star.co.ke/polls/embed/poll/-NN0ChoxL-eV16Tf7f8Q Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://polls.the-star.co.ke/polls/static/js/main.af74b8b9.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://polls.the-star.co.ke/polls/static/css/main.6a3a9404.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.the-star.co.ke/ Message: Access to XMLHttpRequest at 'https://myjobsinkenya.com/api/fetch/jobs' from origin 'https://www.the-star.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://myjobsinkenya.com/api/fetch/jobs Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.myjobsinkenya.com/images/xgreen-logo-ss.png.pagespeed.ic.ZEI47I_OoG.webp Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.the-star.co.ke/ Message: Access to XMLHttpRequest at 'https://tt.onthe.io/xyfkqvVtTBnP/ht.json' from origin 'https://www.the-star.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://tt.onthe.io/xyfkqvVtTBnP/ht.json Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=lPAv2QEw2zo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=rU6QyD6aLFo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
other	warning	URL: https://cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://the-star.containers.piwik.pro/5544cb60-01b8-4c6b-bd43-11fbac705245.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.the-star.co.ke/ Message: Refused to execute script from 'https://the-star.containers.piwik.pro/5544cb60-01b8-4c6b-bd43-11fbac705245.js' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js(Line 1112) Message: Unrecognized feature: 'web-share'.
security	error	URL: https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js(Line 1119) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://www.the-star.co.ke').
network	error	URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662253695692628 Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://a.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript	error	URL: https://www.the-star.co.ke/ Message: Access to XMLHttpRequest at 'https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTMxOGY4YjgtNWQ3ZS02NTc3LTZlY2QtMDUzN2U4NWUyZDI1' (redirected from 'https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.the-star.co.ke%2F&cb=828768308&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C63457%2C1%2C5964404461773414561443445106,,') from origin 'https://www.the-star.co.ke' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTMxOGY4YjgtNWQ3ZS02NTc3LTZlY2QtMDUzN2U4NWUyZDI1 Message: Failed to load resource: net::ERR_FAILED
other	error	URL: https://www.the-star.co.ke/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a.tribalfusion.com
a.vidoomy.com
ad.lkqd.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.co.nz
adservice.google.com
analytics.google.com
b908f40901109e79b053f5f6026a4048.safeframe.googlesyndication.com
beacon.aimtell.com
bh.contextweb.com
c1.adform.net
cdn.aimtell.io
cdn.ampproject.org
cdn.heapanalytics.com
cdn.mgazeti.com
cdn.onthe.io
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cs.krushmedia.com
cs.lkqd.net
csync.loopme.me
d.turn.com
dpm.demdex.net
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
heapanalytics.com
i.ytimg.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jnn-pa.googleapis.com
lh3.googleusercontent.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
media.sabio.us
myjobsinkenya.com
nxd.adhaven.com
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel-sync.sitescout.com
pixel.tapad.com
polls.the-star.co.ke
pool.admedo.com
pr-bh.ybp.yahoo.com
radioafricagroup.github.io
rtb.adentifi.com
s.ad.smaato.net
s.tribalfusion.com
s3.amazonaws.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
signals.aimtell.com
simage2.pubmatic.com
st.pubmatic.com
static.doubleclick.net
stats.g.doubleclick.net
survey.survicate.com
surveys-static.survicate.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
t.lkqd.net
t.teads.tv
the-star.containers.piwik.pro
tpc.googlesyndication.com
trc-events.taboola.com
tt.onthe.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vid-io-pdx.springserve.com
vid.pubmatic.com
vidoomy-d.openx.net
vpaid.pubmatic.com
vpaid.springserve.com
www.google.co.nz
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mgazeti.com
www.myjobsinkenya.com
www.the-star.co.ke
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ad.lkqd.net
cm.g.doubleclick.net
cs.krushmedia.com
image4.pubmatic.com
myjobsinkenya.com
pippio.com
simage2.pubmatic.com
st.pubmatic.com
t.lkqd.net
tt.onthe.io
v.lkqd.net
103.229.10.211
103.229.206.241
103.231.98.191
103.231.98.194
103.231.98.196
104.18.11.207
104.18.24.173
104.18.30.151
104.18.31.151
104.21.45.196
104.22.71.231
104.65.228.208
107.178.244.193
119.9.108.180
13.115.236.114
13.227.254.18
13.227.254.33
13.227.254.51
13.228.93.73
13.33.88.104
139.59.55.128
139.99.68.6
141.226.229.48
142.250.4.157
142.251.10.132
142.251.12.119
142.251.12.147
142.251.12.94
142.251.12.95
146.20.128.134
146.20.128.152
146.20.128.159
151.101.1.44
151.101.130.49
151.101.65.195
151.139.128.10
157.240.15.13
172.217.194.155
172.253.118.132
172.253.118.154
172.253.118.155
172.67.188.214
172.67.193.140
172.67.218.127
18.138.161.18
18.195.73.204
182.161.73.136
184.25.221.62
185.199.108.153
185.84.60.23
198.8.71.131
20.79.102.66
23.106.69.73
23.36.49.63
23.53.160.138
3.19.54.139
3.231.66.207
3.232.171.121
34.107.184.81
34.124.209.251
34.98.64.218
35.190.60.146
35.213.12.39
35.214.223.115
35.71.131.137
35.75.149.219
47.252.78.131
50.116.239.135
52.216.132.133
52.220.170.179
52.34.92.83
52.74.162.2
54.179.76.98
54.237.254.37
54.87.95.148
64.233.170.154
64.233.170.94
67.199.150.86
67.199.150.90
72.247.81.161
74.118.186.45
74.125.130.138
74.125.24.132
74.125.24.155
74.125.24.93
74.125.24.97
74.125.68.148
74.214.196.131
98.98.134.242
007ecdab25d33df45aaa870060b31044017b63613270373867c3e4b4bab0e0a0
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
017bcc442fc60bcf793bb10358ec4f0d63f7ea22e96e62ddd88a348efa042200
02a286f51c2cc8db5c4ae150ee356cbc2baad652752dfb46b7d3b88279f5101a
03064acdab807ad7d6a936b31b7f77cae92fdd216c2ea9a0ab392b734ca461a2
06fd2a61dce61487dc324f208fdf13c255b8b1d2c6969c27609bde27488f0fa3
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07f3800690af7b6f99f1b3a4b466b38be589e47990ee4cc772bd68921fbf9af0
089c15f9c5cc71bf13afab16ff186c621b8efe3a36008fc1ece77d3cab6bc29a
08d4c2c759332758f93626fc0ee1627a48701211d6bffcd9e85229ef24222b26
0b9c86af394e4b0b68f4289ee3c470e4fe7bb00512785f3cfd2b7ac6c46c02b7
0be58fb0639cde895aefea4feddde840395c6ce1bf28345678042f3b031a104d
0ccc2fd2dc5be26b8c78d54d8b4943b804d95cebc6ae946c9fbac96019d191d0
0d614fd3c369e198cf82a54fab5ee706a3ec6af2b6fdd18f175cb017fa90f00f
14939db9e2782d32cbc874d2f5939aa07753edf244352773c43ca33ac30bf16a
1700f83003b043d183ab54ed4925d06ec9f28639c45cd8444c85403acaeab533
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e21aa71f9cb4159176eb80c1c9677d75fbd1da3a028931a63fdb483d089cf3
1c0972f196443730c293a5833debba43e77cb8d3c92569c316e0d7ec4c99dca4
1f54b2571c0eb99bc9924905f84832c8d1daffc85921a657cfde12490261f3a6
21fbb11f704d2c8cb3d378a01dbd61acbe298d6af3258e052551a7b29c6b478e
2333d0173ac8b2e628442051e06b3fcb3936b926f8f68859ddfe7daf4dd8f005
24ed15e9fb058e344618b8c7a68b56b5765ea51b1765fac3372a040955da6877
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2a1331047fb3afa65f98be0248a07e6227b3f89e1f78e7311d93b417c0a7b366
2a89d2c69775979c29ab9d55557dab76cd0533c54adc2a55f695dcc70dd6f235
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b42e9bbbb879bb888234ae4b0afd186eea1c20e0991920c3a9e722dfccdd3b5
2dc41532218c4aedb2e069256335e97cfce9ee7307fd71530240499636493fca
2e98ef142a087c8c7da0afd1c303dc1e7f2e6e9eec1e8fa8a9448d35f38fcd8c
30eb99425a0afc0ccc7802996844c817100b8cec24009e6dd98f531ea3829a44
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32c2ce8986127dcada0ebdb96c10751428ad32f74dcad5e9d590b59982a6f24f
32e821971814c7dd50dea34618b3181f45a9fdaab72bc529633725c190d2b9e3
338a602cb3254711ed6a55c3b075b0afdaa0c9bddae56ad3ad9ef856d1bba66d
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
36c8c49511f02f28b45b94fd621b747c835ff7850534361219632d0290cde85e
389d786384db1111182af45134e6aed907f6a6582262be67d128c8f28bc88d8c
396890d2e339fa48ba1219be36552031a454f95fb9dd6fee61f4de566c78c91a
39bfedc970a003d6ec90bcf8544220ad285c773d9b07d08b9233ea28d72f406d
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e2b3552bbcc9262e03663e73510fe2439312a0bf71142aeed74e0686637fc68
42a4b0c88b2358f7302c4732a0fdd55b7bd7622d7bcf32bc250e9469963fe4ba
4336d55222557ab42703e451fbe9e0c7a733539f215b141f737ded1ef16fd19d
45c27c944b3a25659c79f3ad20bf80ef9889ebbc2845ae85a7c2c4fffa8c9e31
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46aa36987712e6193aa86d06a12a467168885a12db8c9e863f0188e78e6df0ef
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47c7188d8a8c546806eda7758802d071aa67f30b16ac565f207b250b9e737a17
47d03df55ceeb354e3ef0fdb5adf4ffd51613228618ddfb3040336b5c1d040f0
482f6923b75a2880441f35ead0912d3abf72325e55ef230caa8a30b30f2eccdb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
498340b5ce57af046941ab37ea458fa90fb70d7561fd4507db89d6510c7bdde2
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
498d521089ab4acd1cae9ffcc81f4fafec6c3f5a0c2c167af2c23bdfa2a726c8
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8d078acb2e2069da9bad4650bc6ef0ade536a34984aa86ee5026f5163a030a
4ddbf0e16b17cc509f5115978a429b5c5284737c14e343f3fdcacf581e4f31bf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea7f54f824a6fc2544000de63c3459f6e743ab13039b5abdee715dee7ac9c25
4f6bb04bd8d807c70ba5e42230f3e4460172332df8e3d2c9f5e24d3fea0a579d
5176e48ae687ff2ecb6f7f1c75fbe3030ae67ce26a072ae0b84814b586b41a39
52bb4c7111183715cbad9a46de3b86fff85cb1d054ae7a86035c46a01a9c2952
539eb6d2511a5017738b539919b691bb7b2b7265b97b4f06673eef710612069b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d6fa3b653c5e16db5247062dfcf74cd3dab4d9fccc46b737fc2b84a9da798d
55716a9b6c89a09e68a65538f741fadd01ac7998637a9d8be1f31bb790bc7351
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
5682873135c515d231edb79e550c7cc85858a5b1d41ee3d7fda026e137db378c
58d93976daffda99c0d5376685a3cb1db6c86babccd917877b94053c070e4021
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba76e6f632f82d934eaf4066d2ae0572b4c73310f02971c64090c86c31ce288
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c384967e0e98775b927ba3e55939f6f983e9d55c7e903d8f94ebff83a4d9ad8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cdf0e1a778ccd90c6656df0d6eb60b6bf574bc7a11a99b4418ea0ae1dd75c48
5d147349060448cef253af7314c5633512dcaa7af91ff2e451557c1d2270406a
5eb9168c31d8e279a529edcb5463777d6e58a1d08fe28f070395499b6237d8ba
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61014c361ca697a474f92b408a0b06f8528d0753e695361bd56b21324d591ba8
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d82e0ae62e9f2a7d724c3a6fa22cb30ddfc4d8f8ec91de31580c3d8ff06fa8
6278019f8667a088079e1e3884c4378e3863fa3f90aafbcc8a0a7a250c152bbb
6406a4add907e7ba6b46851af2e625eb5e059d1b730a77e679c408643520b23a
64b146021b5dd3fd90bfc36519ea2de22684243fd89e4663981f53453fb0f496
6518833c2ff5ffab8c3a93dfe998fb52180d0e8752920266a83c015b21c1c2c4
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
682b93e5bdfe8f2ba981a9bfe9ac3f01339242e50425b291ff7e74042a0fade5
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
6ac01481db183c8e49fc4e1121e3c3b414edf0783b59a37cb8078e469dbf2939
6da58309c2b41920290031163bc4dae426d0e70922edb00a0b2ecda99b4d3932
6de586436796f02a3c1542ca2a34750b74d0f6d9994f7db2d17cb5cf3d693710
713bb882ed3d1ce567619ffef5902d0e63e98644e61677d9b600a7d5a5722df8
7189452b73f00079dc3b9672d2e3506d78582eed701f9a1ecbe698ab8d4c45f5
72ab663925ecacafce058db542850be48a01953885fd418c1ee3717193c9bbb4
73d4f9703605d25c6ff552c150f864c6229a772de3e4de5909c951c0a860753b
75c8b28b94825551390e4a0bee1a85ce76d191c6ff9e03a3b1e31b8f1efedd3e
7676f6dc117d2a5a2d5f2dd09fd5996029cdcf282474b9033dcfe4056b7f53c4
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7ad256bc6da9828dff420619fcee684af37f4f8ead71ab7f0ecfb8c736d7488c
7b7b716e66204a82bf998f3dbc562e1c6ec67f8568f7e54fc9842731b0f786a2
7c44eb9a3596ee3cf1af26b1e6d0d43ff30a2244059ff47aba956fe973db2cc2
7cf522faccd0bf290288a03b5f91bcf99780e307a9f439749b8714fd6902df4e
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7d2c29a5843a7d2faeeeb95ae5d3556b80b19aa022022d58289d120c54e02d94
7ff0a74af02c5fd32ced1f281f2ab9dc0c279e8f872f31301936a7e5b9b90b01
811fbe251991b76cc7c03247f23c64fc2eb463880f2108aedfe0d04978e3a778
81be319efb8fcc7e13954b485504cce982eb5904693aee428986cd9c4a44b25f
82c2846e1cfc97ab99893211dd3c20de6c1dd0f6d1099cf362b1aad84faa0f2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834cdaa7a3990d13c225428b95ad437992e1ad81d5e854c77d3aca4da0f8c064
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
86f3e50f85bccd868e53f9f31010fb268f1b4f06918dc08a0186a80b52688b4b
8767a153c7e72f2c42693bf86cda7bb2613802be672e650a3ff0809cb1527aef
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8e21c71ae4fa46b01e4e9f37a9fca155ad13017e6319ed62406970e2fd011922
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
9123e69ec42adf7e8de45494f948394ccce0565f0b032b0c013776a15c5a6c37
93471f8fcaa396f4c9693f34b00342ac089480ffd19c533be533a79fa3612b34
95a8196bb500551a81a2cbb07a3066f4e37eb80b90a5d2a5cb8fb1192eceaff4
962b5a0b1058fb793fa137b948d5751e208b016bd67b27f886ba1b888e3ef9c9
97a48d7df1d7a3276468f06778c4ecae0a2960d9273c92a918b44e5b1ba32281
981f6a227a100ee1b02f2c108bacf0ffae43c43913288aaa98541502d953607c
9938e0ab84ebc4c9b2416aea14ea8dcd1fed69c28dedea2a46c4af980f0f3164
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a07302fb9190ea264e3c9ea0041e374b3c530e696f34b08e1ddce8b38b56e2a7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0ab00830b6cf8c39df374e5f83a42388e55b99235da17ab315c848b4d83e282
a0e0a7a96cb99a0c3b5693f6d8c0210a0b945c9feeede5851e5aa4a7c9920672
a13c674ab5700fe40ea77abbae8a8c8d7ff9aa6ec42c54e40f728306f2ae18e2
a20808156aa7fccc4a9662121d02894333ebd4195371027ba6ec6d9f1a786696
a25b4ea2db2c4dc1844de60c4c250d48cc20a763f4a973b890d7c5b5ad15488d
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a3c5ee454e248c42fbfe28703a9abeb0cc90cb87153d267c415734e5fd968b6d
a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8b65979a67907fc6136e6daaf927b495a387ae2acf80ceeac0b56cd16fd1b55
a98064cca8a7895059d086c2ef279d92d1e68161bc4e7f0f72fa0c4cd7788ae9
abe96ac79bcc4d6b86e449722bebecf96b9f8cf43745fe2b4d2d2d86999b91df
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad5f3238c5699b802b1840ca034b26ea86c55ec3735cc39c6e51ad871c08e923
ae3dc8d820ce46369cc82df85d40702ffc4d7945f6bf78a1efaad34b5888ee7d
aec250d7cf971477a9f08c25ea4188c178a48d0288c70d397e5a2124e4dc051f
b016a04f77d6df226388f83da13a6a20e63dd7c895b3e8cf5f556a87ac269958
b18abf622e5ca89d6857b234fb96baa6d4076dba63d732a40b1014826d54774d
b429a2cc9ff16c152674cf66e0fc48e5e356fd8e9ef154c31e5cdf890c51238a
b5ef89e903158b043bfcbaaf1e1a475b816e56e5e3887d5f5d99634eafd8458e
b6b6a321a301b05f87c762c6d3309c7077b9aaafb5d7389f86bf42a79d823d2c
b889cd4be09bec30d99de26961d2e3a4c1fc87c187ab9326caa70d9b97ca9d79
ba5283ced9c89d851e0a501e9bd8294ccc98c03138020be052060aea58b9ed1d
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be21f21af8e2774f69562660a842c622dbe11d39d11a26e9958c049076b51038
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c25381e9997d83d9fa63a7da1f9a80511f6d8f2fb4f6ba65bf501111c6fb0a36
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2b11c4a7e28e22122ce2cfa4deec1eb76ab4879d644454a8297a616c2f0af90
c339cfc899bb024241c30eb3dc84dc2dde32805c5f7d9632b2c1dada4c2b94e2
c36cfe83202abb5473b2f38aa1fb8efca4f689b3eff8f52387c095886f43b8d9
c387c2370eed4d6430a3da7d4c0317aac9a3f9367cda0202f6e0928b9e12ae5c
c422d5cfe6ea0794a8fc744aae62f7629b3ebaeb463f95735e9e8bd30a7097f1
c77088a9ab0b797f2f8033aa1c0f531c7b22b206b78ef167a79b9b3b03f3ae3b
c785098fc813e82b53e7f3d9481dac324593ee84f738d62f621788fd597f91bd
c82984d6351e635cc9422937680205eccf44b662dd84d0a966f3dc98f2253618
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
cb5e05871efbbce1befcb890c6b518e22456dd23fb0a40b84fbc80a3b939ecbd
cbf6767dc875423191ba05f826ac2ecde67adfb307ef2f22ee2d3537a7691779
cd1b93d52347be83cea77b6ebc07f5b157d5ba47da07fb0bb48b683c49eadf26
cec76deeaba507c37f385155905b4c63e538eb3cfb2c9315aacdb02a22ad7379
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc3c01a4396b8665c185dd353721f7dac724bdd6d9ee0ce77dfe79f2b17616f
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d266f653edab118f23d71f1e2d3726cbf2e8a82faa537dab3a7edd1896b4d495
d2999dd8b1e89b9bb0e522a363c0feb6c1a9c6f992ba78ec8a50477245d33c39
d2a825e752347630a99f3aa66d5f79e1f132ecea81af55de109f964bfd5e6a76
d3de7488ac6723f0788c9a774701fa787e513a6b03ea875b6ea5c3ae5e2b426b
d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c
d66b5c46620d51e5c78a454725406cbb9596193331126bb6f60d904703ec91cd
d760a1c030bc93aba8a45faa1304017336021aa8ec2a46cc256f96b06583b84c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8019791a1e0c4e998cf012762453416a76ad50d6c5c985e708aac7be1ddb90e
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d873ec282f43f74190b7c2eb8008c28f693ca6e816f6f8a0659847b119acd53e
db00a6f537160d74a69e6c2743b95821a85edcb8b9d6f2a6dca060adcef9d914
dc3b5bc58070e3c92bf7c79fd751863e0eb4a3021134454adee5b414cfe91468
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
df46fee7df2f0328b26f123e6b5e0d53b321db72eef0e4d19aa28f27c1bafc1c
df4a99abc9b4988a7aef5177049adadd3432c015430b1c6737b869e4d68d7e8d
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e362728fd2d538ac44515898eedba531f5307b34a3085963bd613545e9885c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e805b6e423e6b107b9a89230ce5d85c75e5706dc1ebe672b7aa474ea40b59b42
e985d74674d328f85767b80f077954a6161b2b01eeda268b0f218ae5757e29e3
ecc376f6f63c910c21f2a1a9ea86a59c845afbd8f18718fcafb842ac392032b5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30393cecacc3c7121787644e1b59663b8a24455818b9c55b5d9d7f3de5e0d98
f3b85842f1435a024c577c49e634cfdfc799a7d3fb19e8909d1bdd29017ad912
f3ecee88b825e4352286390755db48f1d97260c3699abc8707f3eabe5719c58f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f57b087063d1be22653ab9579eae1e5c640bfc7654d182d5b5ef55110f63c266
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f817c9a060043152dfc50f0fa3b4d5854e48bf7f19ee71da2298c4051c8a0e19
f90057fc184b6c8eae37528418032d0c50678fd1ad00261808c71fbbe1cb1856
f92cc7ae28eb75c3a92e8b34257912eb932dc22cc7dcabd7b29d15f6abeba4fb
f933d1ce742005229ee6ac90b11e1c69f27dbfbd55dcc9d9b9bdffb59db24983

www.the-star.co.ke Open in urlscan Pro 172.67.193.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

290 Requests

84 %HTTPS

0 %IPv6

69 Domains

105 Subdomains

68 IPs

7 Countries

6360 kBTransfer

16146 kBSize

83 Cookies

12 Outgoing links

Redirected requests

290 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 46 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.the-star.co.ke Open in urlscan Pro
172.67.193.140 Public Scan

Screenshot
Live screenshot

Full Image

290
Requests

84 %
HTTPS

0 %
IPv6

69
Domains

105
Subdomains

68
IPs

7
Countries

6360 kB
Transfer

16146 kB
Size

83
Cookies

290 HTTP transactions
46 data transactions