urlscan.io logo urlscan.io
SecurityTrails logo

kenyannews.co.ke Open in urlscan Pro
2606:4700:3031::ac43:ae46  Public Scan

Go To Rescan Add Verdict Report
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=6...
Submission: On December 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 7 countries across 36 domains to perform 263 HTTP transactions. The main IP is 2606:4700:3031::ac43:ae46, located in United States and belongs to CLOUDFLARENET, US. The main domain is kenyannews.co.ke.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 6th 2021. Valid for: a year.
This is the only time kenyannews.co.ke was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2606:4700:303... 13335 (CLOUDFLAR...)
12 192.0.77.37 2635 (AUTOMATTIC)
4 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 192.0.76.3 2635 (AUTOMATTIC)
4 2a04:fa87:fff... 2635 (AUTOMATTIC)
43 2a00:1450:400... 15169 (GOOGLE)
20 104.19.132.78 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.35.253.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
47 2a00:1450:400... 15169 (GOOGLE)
4 7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
3 2a02:2638::18 44788 (ASN-CRITE...)
2 2a02:2638::2 44788 (ASN-CRITE...)
35 2a02:2638::3 44788 (ASN-CRITE...)
3 178.250.0.160 44788 (ASN-CRITE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
7 178.250.2.150 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a0c:5c81:509... 55081 (24SHELLS)
1 3 23.79.143.124 16625 (AKAMAI-AS)
5 5 18.194.61.148 16509 (AMAZON-02)
2 2 96.46.186.57 7979 (SERVERS-COM)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.137.108 201081 (SMARTADSE...)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 52.215.211.56 16509 (AMAZON-02)
1 1 216.58.212.162 15169 (GOOGLE)
3 4 213.19.147.45 26120 (RHYTHMONE)
1 104.19.217.61 13335 (CLOUDFLAR...)
2 2 35.212.212.222 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 52.223.40.198 16509 (AMAZON-02)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 69.173.144.138 26667 (RUBICONPR...)
263 37
22    2606:4700:3031::ac43:ae46 (United States)

ASN13335 (CLOUDFLARENET, US)
kenyannews.co.ke
12    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
4    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2606:4700:20::681a:b3a (United States)

ASN13335 (CLOUDFLARENET, US)
t.ctcdn.com.br
1    2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
43    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
20    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
3    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    13.35.253.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-122.fra6.r.cloudfront.net
player.wowza.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
47    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
3    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
35    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
6    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
3    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
5    18.194.61.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.215.211.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-211-56.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
4    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
64 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
653 KB
42 criteo.net
static.criteo.net
csm.eu.criteo.net
2 MB
25 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
168 KB
22 kenyannews.co.ke
kenyannews.co.ke
358 KB
20 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
106 KB
14 wp.com
c0.wp.com
stats.wp.com
pixel.wp.com
78 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
160 KB
10 google.com
adservice.google.com
www.google.com
2 KB
9 criteo.com
rtb.nl.eu.criteo.com
ads.eu.criteo.com
rtb.fr.eu.criteo.com
cat.fr.eu.criteo.com
153 KB
7 googletagservices.com
www.googletagservices.com
256 KB
7 ctcdn.com.br
t.ctcdn.com.br
1 MB
5 bidswitch.net
x.bidswitch.net
3 KB
5 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
11 KB
4 gravatar.com
secure.gravatar.com
12 KB
4 googleapis.com
fonts.googleapis.com
4 KB
3 cloudflare.com
cdnjs.cloudflare.com
15 KB
3 google.de
adservice.google.de
1 KB
3 ampproject.org
cdn.ampproject.org
35 KB
3 google-analytics.com
www.google-analytics.com
40 KB
2 creativecdn.com
creativecdn.com
687 B
2 adsrvr.org
match.adsrvr.org
902 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
754 B
2 1rx.io
sync.1rx.io
743 B
2 unrulymedia.com
usermatch.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
614 B
2 360yield.com
ad.360yield.com
611 B
2 e-volution.ai
sync.e-volution.ai
918 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 wowza.com
player.wowza.com
295 KB
1 zeotap.com
mwzeom.zeotap.com
457 B
1 lentainform.com
cm.lentainform.com
495 B
1 smartadserver.com
ssbsync.smartadserver.com
347 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
884 B
1 googleadservices.com
partner.googleadservices.com
649 B
1 googletagmanager.com
www.googletagmanager.com
36 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
263 36
Domain Requested by
47 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
kenyannews.co.ke
35 static.criteo.net ads.eu.criteo.com
24 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
kenyannews.co.ke
22 kenyannews.co.ke kenyannews.co.ke
c0.wp.com
static.cloudflareinsights.com
17 pagead2.googlesyndication.com kenyannews.co.ke
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
googleads.g.doubleclick.net
12 c0.wp.com kenyannews.co.ke
8 cm.mgid.com jsc.mgid.com
7 csm.eu.criteo.net ads.eu.criteo.com
7 www.googletagservices.com googleads.g.doubleclick.net
7 www.google.com 4 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
7 t.ctcdn.com.br kenyannews.co.ke
6 www.gstatic.com googleads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
4 s-img.mgid.com
4 cdn.mgid.com
4 secure.gravatar.com kenyannews.co.ke
secure.gravatar.com
4 fonts.googleapis.com kenyannews.co.ke
googleads.g.doubleclick.net
3 cdnjs.cloudflare.com ads.eu.criteo.com
3 cat.fr.eu.criteo.com ads.eu.criteo.com
3 ads.eu.criteo.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 cdn.ampproject.org kenyannews.co.ke
3 www.google-analytics.com kenyannews.co.ke
www.google-analytics.com
www.googletagmanager.com
2 creativecdn.com 2 redirects
2 match.adsrvr.org 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 sync.e-volution.ai 2 redirects
2 ads.betweendigital.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
2 player.wowza.com kenyannews.co.ke
player.wowza.com
2 jsc.mgid.com kenyannews.co.ke
jsc.mgid.com
1 token.rubiconproject.com eus.rubiconproject.com
1 mwzeom.zeotap.com
1 cm.lentainform.com
1 sync.targeting.unrulymedia.com
1 usermatch.targeting.unrulymedia.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 pixel.rubiconproject.com
1 ssbsync.smartadserver.com 1 redirects
1 cm.idealmedia.io
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 servicer.mgid.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 pixel.wp.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com kenyannews.co.ke
1 stats.wp.com kenyannews.co.ke
1 static.cloudflareinsights.com kenyannews.co.ke
0 sync.adtelligent.com Failed s.adtelligent.com
263 56
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-06 -
2022-09-05		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.wowza.com
Amazon		 2021-10-26 -
2022-11-24		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-08 -
2022-01-31		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh

This page contains 27 frames:

Primary Page: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Frame ID: F7F84A9F2C3BA1ECA4A7870391C08E41
Requests: 106 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 726307956F8338B9AB63C5907B84A351
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&adk=1812271804&adf=3025194257&lmt=1639480689&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689215&bpp=3&bdt=1187&idt=111&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=128
Frame ID: 80520C27DA7118DAB57067D01297973D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Frame ID: BAE6651E3666921B44FBF90B77A9C2CE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Frame ID: 18CEFDC2A76EDF7D182C42368AFCF024
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Frame ID: 3E14DFDDEDFA491F63594E243B9017CC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=417&slotname=5563019613&adk=207581927&adf=1798798363&pi=t.ma~as.5563019613&w=696&cr_col=4&cr_row=2&fwrn=2&lmt=1639480689&rafmt=9&psa=0&format=696x417&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689237&bpp=1&bdt=1210&idt=277&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fykiVYcMNf&p=https%3A//kenyannews.co.ke&dtd=280
Frame ID: F1FE435EF8E1FCDE281BDCA19AEDECE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Frame ID: 3E4AD7B949F2C150633DA342B59BC70A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Frame ID: 704E5AA268901CD93181C2CB7D9B22F9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C80C4DCC150C3664515A5071512BED66
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C84FB5E15B715B5082B40D120AF2161
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Frame ID: 4CD3A88F5899701296D177D348215A45
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Frame ID: 4D9AB16E12D32781869FA1D1E3D7BB7B
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Frame ID: 14FB3E470FE5ACFEC9C3A97B3AB621A5
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: BCFFB9C72B14AD0F0C8862B9A33FE86E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: E3F89A05A224ACC5A1DEA59A21E62528
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 218F6AD3921297143AE3E4E598DDA574
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3A6E9B9EA40C1123CC9584B9C7D113E5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A0C928FC57EB868BEB4930937F1E47A4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Frame ID: 3D907C4D362263CD150184AFF31C871E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E45CB23F631E05B579BBBCCDA3E2C639
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Frame ID: 00BE04CF6BD64876DFA4E9B5529EC259
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cji7RcX24YayxI7CR-cAPtq6U-AeaqorLZqb-y-HaDojD8o_OHRABINnO94ABYJX68IGMB6AB1ZynuAPIAQmpAvZv6pNm6rI-qAMByANIqgT5Ak_QH0v9byH6Qspmfxik-Le7tjZQv4uRkUxFkmqPwF3CJ_U0La3ExW0IN8lERnx_uq9cBvziDmaCcp0JIgjKFNSBf_qf5acCktZF6ppffHNE3jfHvEaciobjEY2617VtckYgNZwHQZVY1-UGjJrO7ALVZxALOicA1nugl-sRF2Vmitw_lcuBmEFbNtQMjzGk47xX3o3ftb-6bAf2z0ug6tiq3X7MzA5Z5YKd_5M23yDAFJrETGJM3moso4dhTI60_8t9QMy8Uuxu0Xh916t-NxcjbwdL-eSaxCWjuT0eTX1AsD3Lvvduaoy7v2J4DYlG3tLsXY_iVrno7a5PYDh7DmOZG267woufGzfzSjgLy0cFdB9eyv9YR2QTZe7t4pRxl3-6QxbZMchGxhK0ziOKsiNsdQi1NxHcG2I0CPQIllfVa5Vxuj9JlWPSYEmYHCTPHpuiXSUdpsmEx63fuTgqHZ-QSlT1FuvMx-aHNDsqKo-u0z3WCCiwqB7wwASmh7Co3gOSBQQIBBgBkgUECAUYBKAGLoAHk-PYR6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEK_HDdIICQiI4YAQEAEYH4AKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MDExMTc0MzI5NzU4MTczGAA&sigh=fmMCtRT5tjU&uach_m=[UACH]&template_id=419
Frame ID: 4331D806206EEF026F76DB96A1C94011
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C6AFF8D73C31B788F812AE529076C53F
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1639480691002570688033
Frame ID: 55B0861313E47001A67B792E0FD0997E
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 28BEEE17B83971CAECBFF6B146E47BB1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Frame ID: 47306A8EA7B0EFF2F872DAF895AED3CD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Chrome update fixes zero-day crashes exploited by cybercriminals – Kenyan News

Page Statistics

263
Requests

97 %
HTTPS

51 %
IPv6

36
Domains

56
Subdomains

37
IPs

7
Countries

5227 kB
Transfer

12545 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 204
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 225
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 227
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 228
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 249
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Request Chain 250
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f4cf888f-d512-535c-b6c9-9581d771e8f2&ssp=mgid&expires=30&user_group=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=7117e64c-adcc-444d-addd-a68961621988&gdpr=&gdpr_consent=&us_privacy=
Request Chain 252
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbeaBq8QVYi3 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4043782262874785519&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 253
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=191cb042-85a1-48ac-87c9-2d55dfccd142
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJlYUJxOFFWWWkz&muidn=lbeaBq8QVYi3 HTTP 302
  • https://cm.mgid.com/google?muidn=lbeaBq8QVYi3&google_ula={guid},5&google_gid=CAESEDq6a4vaa-8i7P03tZYpm2k&google_cver=1
Request Chain 255
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbeaBq8QVYi3 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbeaBq8QVYi3 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/7117e64c-adcc-444d-addd-a68961621988?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/7117e64c-adcc-444d-addd-a68961621988?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/7117e64c-adcc-444d-addd-a68961621988?zcc=1&dspret=0&cb=1639480691343 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b7966b2c-4575-445b-8305-fb4c20d3673a-003
Request Chain 257
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=31239a3c-afe2-4397-9249-f3768415272b
Request Chain 259
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=10bcfc87-1050-41bc-8235-e25a1f0cb960&ttl=1642072691
Request Chain 260
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=pwn0KaUxGoR9innptL4S&pi=mgid&tc=1

263 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/ 		369 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46934566f00ac67de155a66ab6a4a8e573046f71ec20e05203ca10c416e9f82
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-type
text/html; charset=UTF-8
link
<https://kenyannews.co.ke/wp-json/>; rel="https://api.w.org/", <https://kenyannews.co.ke/wp-json/wp/v2/posts/683787>; rel="alternate"; type="application/json", <https://wp.me/p7EBuU-2RSP>; rel=shortlink
vary
Accept-Encoding,User-Agent
cache-control
max-age=0
expires
Tue, 14 Dec 2021 11:18:07 GMT
x-proxy-cache
DISABLED
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4oXMD%2FEzeoYfwktuwRRyqSEW5xC%2BhVNpkcWWg0hbpTQNilsgS%2B50XvjR%2Bimfat0eRnBX5kULGC%2FLoDNNbiyUlh0qaKhJL1B6a7H7vAgqmzKs%2BgXKLcw%2FR3KW%2BHz8KdwFv4zgTpmFbFSljCRkpTJ"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
server
cloudflare
cf-ray
6bd707946aa85a2b-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
AQHc0h50Ov8CRqyHCsnydlC21wI.js
kenyannews.co.ke/cdn-cgi/apps/head/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/cdn-cgi/apps/head/AQHc0h50Ov8CRqyHCsnydlC21wI.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4c2fe51c3cfa79eea63764ca2c0e50e93a2f1687d2320154bff9ac129abf02
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HZKW0QVHXVVMQWAB
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
rha2bUs4tit0ro1TrrycGvN47SbhKq4LohOZQZGqsLOpvejpPx3V/r9S2fg1eudUyMCGj6RP2ww=
last-modified
Fri, 06 Oct 2017 19:53:04 GMT
server
cloudflare
etag
W/"f7abe34914f18b06241fda57116f630f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz81q3IbxCqtHsDv5Lnk%2F7NG5UIcoGKNy29T8PsDVWN1PpPB62JMKBqnnTbzPU7eaR4F5Iov%2FXeuX1TrUcZYR8C6bS2EhokYjsyKqbi8Mpg2SOGavlxTznsmJOXeM%2BE6fly0q8bcbGW%2FTAZyOwuA"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
H7v3hVeKVDa0eUhUwqPkjlz9HryAgCwq
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
6bd7079c5c9e5a2b-MXP
style.min.css
c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
wp-automatic.css
kenyannews.co.ke/wp-content/plugins/wp-automatic/css/ 		2 KB
956 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71846
cf-polished
origSize=2713
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 15 Nov 2021 17:47:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrCJ5GcnP8Rv5%2FGe3CvVFTJJ829Z6bXUeM4D%2B%2FFoTIWM2xcxEtycQKyBfpmV9AkHBM3fG3QsYQp6xijATlniMZKsiNeu%2FLNo5i%2BeQh9HToZsQc1FzqvVEFXWZc%2BHhAaDgHJ209%2BrXjvx%2BRGBH6e2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd7079c5ca35a2b-MXP
x-proxy-cache
DISABLED
expires
Tue, 13 Dec 2022 15:20:42 GMT
style.css
kenyannews.co.ke/wp-content/plugins/td-newsletter/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/td-newsletter/style.css?ver=11.3.1
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71846
cf-polished
origSize=5831
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:15:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKQcu6AR3yRq5qxbn38FNTkgVQ4ie580Q36LrvgTfKsM9nr2Hd7gW%2Fhv8Pq8esg%2BzJBEXMY2ZVdzs%2B8PGNTHPsmpIUEQMTod1TTiBJ2nuDsxbw2xxvwlo12W8J4au9ncxyHfg8o7A6qP6fzQ9uBh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd7079c5ca75a2b-MXP
x-proxy-cache
DISABLED
expires
Tue, 13 Dec 2022 15:20:42 GMT
style.css
kenyannews.co.ke/wp-content/plugins/td-composer/td-multi-purpose/ 		36 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=810534ce963cec6bd2e7978db2c935c9
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71846
cf-polished
origSize=37284
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqkGwAQtkHg%2FC73BdoZ3wyCX9V%2F1VRcgq4HlOmGhbYDVlZ6FJvs7vOJ5sc6DBvDGy5viFCcrjtsnvUfibBY15DEck5w0q%2BO%2BxSMoHuHIOEGek5TjUs%2F5QV6Mm%2FWbOPXPP33PHOokSRr%2BRWlkxj2f"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd7079c5caa5a2b-MXP
x-proxy-cache
DISABLED
expires
Tue, 13 Dec 2022 15:20:42 GMT
css
fonts.googleapis.com/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
732bea30eac1f61fbfedf91a865b87690ae3efd917510bdc00c9e01484b9e899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://kenyannews.co.ke/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 11:18:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 11:18:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 11:18:08 GMT
style.css
kenyannews.co.ke/wp-content/themes/Newspaper/ 		104 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/themes/Newspaper/style.css?ver=11.3.1
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71846
cf-polished
origSize=149061
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxnODKFdLsOu8vXxidr9Gc1t0UzYI%2B4ueeMziGEJbHagsV%2FirPaMePXP7hCdOyBWbZd1tC1wf0Bup8l3r4VuBCHc%2FqZqapgTmhiroqNXLr0JdBRcWE6ePQ3a81zE4E55q5K%2BMa%2BZPStt5MRicTYf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd7079c5cab5a2b-MXP
x-proxy-cache
DISABLED
expires
Tue, 13 Dec 2022 15:20:42 GMT
td_legacy_main.css
kenyannews.co.ke/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		125 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=810534ce963cec6bd2e7978db2c935c9
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71846
cf-polished
origSize=158679
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tqK0y0g0%2BFyh6gx6EHoBMgzxZwwSw6qEp1cbGG7s%2F5YGcA4TOQeCxmVi%2F9RbzU6DqXqUjY5anp1cILNG7U1NQiPCO%2Fus1%2BpgoqoXDbAp0d8OoJcZuoILloyK%2Btt%2FEyYmIQfGX6IP1xT63geVRVS"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd7079c5cad5a2b-MXP
x-proxy-cache
DISABLED
expires
Tue, 13 Dec 2022 15:20:42 GMT
jetpack.css
c0.wp.com/p/jetpack/10.4/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.4/css/jetpack.css
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a6e9c02837fc4e15d5f6940b514eb5c52f7a752cdbb05862097e7239ad7366a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Tue, 16 Nov 2021 17:11:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
fontawesome-webfont.svg
kenyannews.co.ke/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		437 KB
131 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.svg
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc378232f9dad500890aa9e0bdd030a53d2f317d517393a3b91400b4ddce4c7c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63ADTcX%2FdEPuTkT1Xk%2BRjPDBokULpoUSsNvtnirAcneJo3bGJy242qfgimsqbcLTORDZh20TrQS7lY4LVy%2FeKMPxgNOC6wms5cVuYnafdjskA6berhtN7JEy0lAexrtX9z59luB8ikctt8m0%2BnXV"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31536000
cf-ray
6bd7079c5cae5a2b-MXP
x-proxy-cache
DISABLED
expires
Thu, 13 Jan 2022 11:18:08 GMT
kenyannews.co_.kemobile-logo-e1554718515926.png
kenyannews.co.ke/wp-content/uploads/2017/07/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kenyannews.co.ke/wp-content/uploads/2017/07/kenyannews.co_.kemobile-logo-e1554718515926.png
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a1c1da264b4fbd90ce683b419e900f8652c3e25434587405084564b9d304b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
353279
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9111
last-modified
Mon, 08 Apr 2019 10:15:15 GMT
server
cloudflare
etag
"5cab1f33-2397"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNZSf9ceoNaQ7Mq120de7XCvq3ZK7vzdnLOlMT%2FAEe4kc65qIsFdBPk5N3OgA%2BKCW2SLDlZr%2Bs0VJ7keEmxq19M57FkEWbaIMic5DfolY0BZfxYCmx5HPqIjuwX%2BY0vAVzjeaHg2cZi9Fmy3roT5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
6bd7079eedd94351-FRA
x-proxy-cache
STATIC/PATH
expires
Fri, 17 Dec 2021 09:10:08 GMT
i517359.jpeg
t.ctcdn.com.br/cC61TTMq0vplZe2xtupZrSCYpB8=/1400x788/smart/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ctcdn.com.br/cC61TTMq0vplZe2xtupZrSCYpB8=/1400x788/smart/i517359.jpeg
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
413594b929f42d9b6d4b708f63ce135f83c07acb1e907c4f1ee6dfcfc8c825ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71846
cf-polished
origSize=23998, status=webp_bigger
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
20239
pragma
public
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"134c96cd008d9210379bd5930e1e2c49bad600ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MDjAb8IJi47EbeYkFf%2F28yHWS1l9dDZei%2FIYNQScuhfetnFodlO9c8rc0GFbRS6mBRmfwvw1pLoapTP8bFlZv3oo5wOuYCoPt4M4ZM86U%2BoKY2dctWcFh3MxY0hnK%2B8recakxtecXlIhV86"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6bd7079f5b0f5a31-MXP
expires
Tue, 13 Dec 2022 14:01:59 GMT
email-decode.min.js
kenyannews.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Wed, 08 Dec 2021 16:45:16 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61b0e11c-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLQxaBKUjWPJ10Kn1l8LmDf0ImQYp8hc4wX0TjFA3%2BCxqHDW8LMhoXJ4%2FU7JtkXyV%2Ftje%2Fl0cvcjDqhtV8yh4An0QmjkYlJ%2FqJVPFgpAcUNUPWHRmePp5iclaPm7hf8w3%2By0TjvWjygAUiuMvply"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6bd7079ecdb04351-FRA
expires
Thu, 16 Dec 2021 11:18:08 GMT
rocket-loader.min.js
kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Wed, 08 Dec 2021 16:45:16 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"61b0e11c-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGqVtJukOGWldf%2BjRj8rNQ0oY%2BZmva4DzgZHI46k3fAhy3O3p9wz2287l%2Bht92SBgvWUtC8i8QK8gq3J5kNCaNwAC5A1Dgs45KszjJW7U8TOxpa%2FDmWekYNWnY2OLoH2eGnz9o0lL1fytH1Xisfo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6bd7079eeddd4351-FRA
expires
Thu, 16 Dec 2021 11:18:08 GMT
v64f9daad31f64f81be21cbef6184a5e31634941392597
static.cloudflareinsights.com/beacon.min.js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6

Request headers

Referer
https://kenyannews.co.ke/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.10.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6bd7079f3c35375e-MXP
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/apps/head/AQHc0h50Ov8CRqyHCsnydlC21wI.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1022
date
Tue, 14 Dec 2021 11:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 14 Dec 2021 13:01:06 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c913465d4c4fb102564e6d51ce1f34897846beebb4e1bbc387c64586c60d7784

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
newspaper.woff
kenyannews.co.ke/wp-content/themes/Newspaper/images/icons/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/wp-content/themes/Newspaper/style.css?ver=11.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://kenyannews.co.ke/wp-content/themes/Newspaper/style.css?ver=11.3.1
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3384300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SZFsVcToQ0mSxCF6r20%2FJJBm8eqRk7%2B%2BI0YB0zhTWcg6TBBu%2FeN6yGTH00PR8t0fOY%2B36qXDond%2FZ7JHaF0rOxb4t%2F5Mm1cMwlN1seiHjikG8G1BtjsHf81oTwHUlHLCZ4C06aOr8H6ly744gKh"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
vary
Accept-Encoding,User-Agent
cache-control
max-age=31536000
cf-ray
6bd7079efe154351-FRA
x-proxy-cache
DISABLED
expires
Sat, 05 Mar 2022 07:13:08 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 00:14:34 GMT
x-content-type-options
nosniff
age
558214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 00:14:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
539090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 05:33:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
552242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 01:54:06 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 17:53:46 GMT
x-content-type-options
nosniff
age
581062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 17:53:46 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 12:42:18 GMT
x-content-type-options
nosniff
age
254150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 11 Dec 2022 12:42:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
573013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 20:07:55 GMT
i540889.jpeg
t.ctcdn.com.br/IBTrc023Hibvg_02N6HHdv98lco=/1000x563/smart/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ctcdn.com.br/IBTrc023Hibvg_02N6HHdv98lco=/1000x563/smart/i540889.jpeg
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
132ac79b15c69fc280701668d70cdce70ee9fe922f53e9b80c5db71e52ae94ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=40387, status=webp_bigger
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
38833
pragma
public
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"6ac7b3570c5e48239af44b8dc7c42145e54aa2e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LM8RIN8t83NR7Z3mLP3h2QagFStoh1Fj9sP1MrfcOsp3NaOlFKCnAskx863KS9f%2FZ6dy7ajdlCEY6hqCsUVqCnlwcYV7BXH2zL%2F633cMvx2EGQBXBvAVEB7dYU7luPTRz3UeYzcS1elv0v%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6bd7079fcc355a31-MXP
expires
Wed, 14 Dec 2022 11:00:05 GMT
i526866.png
t.ctcdn.com.br/L53G_R0y59jLMUd47dMO83KWMvg=/1400x788/smart/ 		835 KB
836 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ctcdn.com.br/L53G_R0y59jLMUd47dMO83KWMvg=/1400x788/smart/i526866.png
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c5c1a87fd5a19e20de99f7519c6d5775eec7bfac799f8442ff46b107ab2a8b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=1473603
content-disposition
inline; filename="i526866.webp"
vary
Accept
content-length
854658
pragma
public
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"4ff164994657c8fce21cc3ca436c20cddab8b4db"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HoI7svXwc1nxRbrKRXC2kimH%2FxziaB76EKGNqLb9NqXkn66NThl8DdooRtRFglfrpujDNJHI0ON9ZUNg9i4oGseyKm58cJgx8fT0LOgVg8%2F1YNzlbI4mHSkiEe6F34XjxrFzCbU1Irtj8OCu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6bd7079fcc395a31-MXP
expires
Wed, 14 Dec 2022 10:09:32 GMT
i422767.jpeg
t.ctcdn.com.br/bM9Zb4caQ4jkgoe-_LIB-gOyRIQ=/1400x788/smart/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ctcdn.com.br/bM9Zb4caQ4jkgoe-_LIB-gOyRIQ=/1400x788/smart/i422767.jpeg
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29253cda2582cf73f729b9d120deec4f4ab871a1ef09b653860eea774437439d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17967
cf-polished
origSize=71897, status=webp_bigger
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
69678
pragma
public
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"12b3e544dd8db96ece78bc9c093250f77c57874e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NNVHNJR27uVmN2ovbPi84SZMrpUxx0U%2BU%2FPJfiIUE%2FuOhi5PtvV832GWkbLierywM%2BCig9ft1Bc2LuTwLx4i55ng5AeTP55qZMNQh6nzr%2BtOQp%2FY4hLTqxs6PMazzGK7pu3%2F9uRegnyUDRF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6bd7079fcc3a5a31-MXP
expires
Mon, 12 Dec 2022 16:27:47 GMT
i540990.jpeg
t.ctcdn.com.br/lQZlU1LT6rKeMX_MpDIgAd9LlGo=/1400x788/smart/ 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ctcdn.com.br/lQZlU1LT6rKeMX_MpDIgAd9LlGo=/1400x788/smart/i540990.jpeg
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df33d216bb5bc957beef58887a9b29d677241f5293c75088786eb4449bc79f76
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38672
cf-polished
origSize=255998, status=webp_bigger
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
254681
pragma
public
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"8222f04c5b15eece48254239fd54f072e912f9a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHnwNMCoskb8%2BLhd95Av0n0Vbyy9FOsn2bv8XkHyUPF3WI%2BFC0QvxD9IR6LVa6vm3fpedNLPV8GajIJLmwrQyUK2oJPZmofQVQe%2Bo32LES0TFfjXmnb%2B2sqQlWKCE3E4drWzYJapxdxZsI6Y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6bd7079fcc3e5a31-MXP
expires
Wed, 14 Dec 2022 00:33:36 GMT
i433889.jpeg
t.ctcdn.com.br/UFOC30VaSQghFYdzwQ8l3AoHfhY=/1400x788/smart/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ctcdn.com.br/UFOC30VaSQghFYdzwQ8l3AoHfhY=/1400x788/smart/i433889.jpeg
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77113f37f31c9049b9213badb3e914b53e15623e2ed3b339f017fc25ab724e19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41830
cf-polished
origSize=45435, status=webp_bigger
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
43468
pragma
public
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"592f8570ceca5f8c487fd520f5d5b66f4f0ed419"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4d1wNLuQbWa%2FrkRt1C518O74KlTgUMBgKvk%2F5yJpDkhC1dj9kZVmzcG58zBPtQHYJTf7FpNxUtaNEYrp8gtfWUfIHXTZ6TumCfLSoBFa5DSw1TcXLwckROcMmfKeMM2X%2B7m48QxNe7hd2Fp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6bd7079fcc405a31-MXP
expires
Tue, 13 Dec 2022 18:50:18 GMT
i499548.png
t.ctcdn.com.br/q-CzyLEDog6E-ELIZFll2z8d2Yo=/1400x788/smart/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.ctcdn.com.br/q-CzyLEDog6E-ELIZFll2z8d2Yo=/1400x788/smart/i499548.png
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb26ec2bd951c707c2c5a32ce4437082246c5e1fd0cb1ef6d56606d76c925f6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17967
cf-polished
origFmt=png, origSize=87974
content-disposition
inline; filename="i499548.webp"
vary
Accept
content-length
44516
pragma
public
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"2be2bb13f67813970b1d4296e1a3f41f35ea94a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gw0%2BX3n1xfoJdK%2FhAGe0yV1NsdH635y0%2F9fSpam3qiLMr769Y9ixql8RKcoabaCsfh7gKzcmQUZEZegcKnn5fNHrFW6FyVspTtY0cFcMXQFf3tSjiQvenuVtMMfJBv5kanDDE5Wzad8Ugtyn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6bd7079fdc425a31-MXP
expires
Tue, 13 Dec 2022 09:03:38 GMT
2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZRekViesH.woff2
fonts.gstatic.com/s/merriweathersans/v14/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v14/2-cO9IRs1JiJN1FRAMjTN5zd9vgsFF_5asQTb6hZ2JKZRekViesH.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CRoboto%3A900%2C600%2C400%2C500%7CMontserrat%3A500%2C400%7CPlayfair+Display%3A400%7CPoppins%3A500%7CMerriweather+Sans%3A700&display=swap&ver=11.3.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc37bb6b7d279b0fdcb1a3bdec761cce370adf0ecc88010ccb4ebc76a5a54444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:07:25 GMT
x-content-type-options
nosniff
age
501043
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14996
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:25:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 16:07:25 GMT
e-202150.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202150.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 04 Dec 2022 22:02:47 GMT
image.js
kenyannews.co.ke/wp-content/plugins/fifu-premium/includes/html/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/fifu-premium/includes/html/js/image.js?ver=5.3.8
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57d1ca5b5f3b1cc5c27b6614572a96b4f5871ac2a8b0b15b318c7cf1b5fa31b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
397190
cf-polished
origSize=10296
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 09 Dec 2021 20:48:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqDTyroTUiPI5bJUJzU3vEBHnW8cdhpeOD6GxJzMWQuFBL0Ej6JWHdnKEDmhBmRsrg1evBQrk5pCnnw2yIe%2F7B1N1%2FwrZgFQ0hTqMTqqzbOHfhRwuLr0FNwO7bHbcBFRz21AbRoxAAVs20XfAcCP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd707a009094351-FRA
x-proxy-cache
DISABLED
expires
Fri, 09 Dec 2022 20:58:17 GMT
wp-embed.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		1 KB
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/wp-embed.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
js_files_for_front.min.js
kenyannews.co.ke/wp-content/plugins/td-cloud-library/assets/js/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=2713a088559ff26084e8003394764364
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4007813
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCrN4qkRZkriWyKmCwM1uy8sGgkycjsGi93EfHKxu1vK6iJQKTKvteShSWrd42ZT6b96Enmz9leNTBgNuRSVcX95nIh1yAGQmluEv2%2BQgw3Jxd9fZByw6FY5c0%2Fq3HgX2%2B25Rl0PrPTrlahASzUU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31536000
cf-ray
6bd707a0090a4351-FRA
x-proxy-cache
DISABLED
expires
Sat, 29 Oct 2022 02:01:15 GMT
lazy-images.js
kenyannews.co.ke/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=1c8bb5930b723e669774487342a8fa98
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
548905
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 07 Dec 2021 20:47:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XIWCh2qjECk37CircgUvy%2FaPG4r0YCQaA8NqL7KY7kOdMOyRhyUAZJSTaUgfTHl4OT4Ed2s2xV%2BKYNzhk0y0DbyYLiJFYhMXRimCaIl8fNNztM0qnKKWW3q3WTI5mZrnaW7SfakgKdBOJcpEhxG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd707a0090f4351-FRA
x-proxy-cache
DISABLED
expires
Thu, 08 Dec 2022 02:49:43 GMT
intersection-observer.js
kenyannews.co.ke/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=2d4bf43f398489795f1893179047a63c
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
548905
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 07 Dec 2021 20:47:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fss7RPXuBZTrAzPAha42KvSY0uruFG%2B4UhHb3azO4jygPez6queMbGaZp%2F2Bred3e4V1C7A4Akpk%2BIugZkiXdkpsekAGIw16UO3UNoZOy%2Fx2BYNYdXmWqPGm9N%2BIrq8bgFR9t%2BHN34cp788QFj6h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd707a009154351-FRA
x-proxy-cache
DISABLED
expires
Thu, 08 Dec 2022 02:49:43 GMT
comment-reply.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/comment-reply.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Thu, 18 Mar 2021 17:48:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
tagdiv_theme.min.js
kenyannews.co.ke/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		258 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.3.1
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4381355
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAherMYY2CNcSCyIRk90EYZb1XEinpIDflbqHs6AL8QylP9mlv6HmG8L3oyGAVzEqclkZM2IR8Sn5XPL2aZtPdRM57X%2B71%2FZXDogiSNNz%2B7qt7M8F15GTTb83rBt0ykKXM3gSABHx7Vz3Zgq9cCH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31536000
cf-ray
6bd707a009194351-FRA
x-proxy-cache
DISABLED
expires
Mon, 24 Oct 2022 18:15:33 GMT
js_posts_autoload.min.js
kenyannews.co.ke/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=2713a088559ff26084e8003394764364
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3384299
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 24 Oct 2021 18:14:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvPb8HJHuQLBCgJHJDosSzQPSxwsMhQ1Xrkt4c3NRSZSGfa5msIyG3jfrYQmxrY69RZJPim6MXzer8iVu4M%2FuK4v9kgvDilxoA6CLpyXhdvrsUiRGP6NftqXmxvKow7ZjSr418LCxf9aCMzxxky4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=31536000
cf-ray
6bd707a0091e4351-FRA
x-proxy-cache
DISABLED
expires
Sat, 05 Nov 2022 07:13:08 GMT
underscore.min.js
c0.wp.com/c/5.8.2/wp-includes/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/underscore.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 19:33:19 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
wpgroho.js
c0.wp.com/p/jetpack/10.4/modules/ 		2 KB
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.4/modules/wpgroho.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Tue, 28 Jul 2020 17:06:48 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
gprofiles.js
secure.gravatar.com/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.gravatar.com/js/gprofiles.js?ver=202150
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Thu, 02 Apr 2020 15:50:36 GMT
server
nginx
etag
W/"5e8609cc-5dea"
content-type
application/javascript
cache-control
max-age=604800
expires
Tue, 21 Dec 2021 11:18:08 GMT
photon.min.js
c0.wp.com/p/jetpack/10.4/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.4/_inc/build/photon/photon.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde7a79194bcf0345b3641642515ca383fe4980971fcbe2aba27420cd05cb7f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51906
x-xss-protection
0
server
cafe
etag
16303418783968056646
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 11:18:08 GMT
kenyannews.co.ke.177625.js
jsc.mgid.com/k/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/k/e/kenyannews.co.ke.177625.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daaaf6125d2a5793af3a12215de15d7ffbc503388fb0a7c6a782f86d0190d198

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
cf-cache-status
HIT
age
4084
last-modified
Wed, 24 Nov 2021 10:08:12 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
Y7JK95Y5W6DD0FM1
x-amz-id-2
9YD6lowNZdrhzr3kUzlUet7OVtSgc04bVIktNhVdSJZkvekIorQqfVntIWZAFupXep6Mijwp/PE=
cf-bgj
minify
server
cloudflare
etag
W/"6e3880f6a50295395831237bfb8025e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6bd707a04f58535d-FRA
expires
Tue, 14 Dec 2021 14:18:08 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53a64940acb60122ea7b59aa99f8d5271e5cbe0e43b92568715b653754dbd6f1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21013
x-xss-protection
0
server
sffe
date
Tue, 14 Dec 2021 11:18:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"55c143761d4a63b0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Dec 2021 11:18:08 GMT
wowzaplayer.min.js
player.wowza.com/player/latest/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.wowza.com/player/latest/wowzaplayer.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed2445b3c0d2b8bc8e435533ea568673d8756b59c298e2d8494e84f97ae7703e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 20:09:17 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 19:33:51 GMT
server
AmazonS3
age
54532
etag
W/"ae50b50d03eadfe2fb634d5d42bc9ce4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
1feL81n0rrS5fP7iZ1T5RXjgCSrn0a6PGeyyPFyeifQLjP-vPK4kIQ==
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a63b2043b4dd3295ffd0e0f5b722489021475975ebe1e083001b65aa878a0948
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6794
x-xss-protection
0
server
sffe
date
Tue, 14 Dec 2021 11:18:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"e0f0332c226e2189"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Dec 2021 11:18:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3264247487734791
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
143a36854eac413e4928b490214378642b552e5bd3a054b4584704c3d8d237d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kenyannews.co.ke/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51871
x-xss-protection
0
server
cafe
etag
9754470338175150552
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 11:18:08 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92634106-1
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c4b6f3b40d894260370868650fb4f85f2f0c9ac689d804996e63f8c5c649198
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36250
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Dec 2021 11:18:08 GMT
main-front.js
kenyannews.co.ke/wp-content/plugins/wp-automatic/js/ 		930 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-content/plugins/wp-automatic/js/main-front.js?ver=5.8.2
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e19401707d030422213eacea81ed13ef140752da1382a534e2e52385425e02
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2901770
cf-polished
origSize=1017
strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 20:47:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2B%2FUih%2Fq775rARCMH5WJ%2BXvz3jxdodG%2FqlSvgdn3KMa18HOdBSq1gLE5pO1BcICydfPzsMZwY5Y%2FvLOt%2Fm30iVABeZvCgcIzbX7Pf6Oftx7lz5XkdiuTmWLVyrgW3rhiBNyZ4cvCDZJrhnTt1i6k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cf-bgj
minify
cache-control
public, max-age=31536000
cf-ray
6bd707a009214351-FRA
x-proxy-cache
DISABLED
expires
Thu, 10 Nov 2022 21:15:18 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
jquery.min.js
c0.wp.com/c/5.8.2/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
related-posts.min.js
c0.wp.com/p/jetpack/10.4/_inc/build/related-posts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.4/_inc/build/related-posts/related-posts.min.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2256c9e5605323f852f232fd6819a02cf2cac3e04c84299e19efe83037fd8cda
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Tue, 14 Dec 2021 11:18:08 GMT
content-encoding
br
last-modified
Tue, 05 Oct 2021 16:47:49 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Wed, 14 Dec 2022 11:18:08 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f85c9d31fe1d4507538cd8023f041b3e97db23423f2cafc8a005abed0eaa123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51906
x-xss-protection
0
server
cafe
etag
17152700952893691237
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 11:18:09 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a63b2043b4dd3295ffd0e0f5b722489021475975ebe1e083001b65aa878a0948
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6794
x-xss-protection
0
server
sffe
date
Tue, 14 Dec 2021 11:18:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"e0f0332c226e2189"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Dec 2021 11:18:09 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3264247487734791
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 11:18:09 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 7263 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3264247487734791
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 13 Dec 2021 18:36:45 GMT
expires
Mon, 27 Dec 2021 18:36:45 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
60084
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wowzaplayer.js
player.wowza.com/player/latest/js/ 		2 MB
287 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.wowza.com/player/latest/js/wowzaplayer.js
Requested by
Host: player.wowza.com
URL: https://player.wowza.com/player/latest/wowzaplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-122.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99103326019d3c08da056b3b99f984f4db78f796c3f84621f45a501b6f35f04a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 05:39:39 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 19:33:51 GMT
server
AmazonS3
age
20311
etag
W/"06dbba6fe7b3211ead7d65124f237cf9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
m_im4R-ql_DRRdUk1dKJpg__3m8tGUT2EKubeBsF6ztSDggLDvdFZw==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1631946876&t=pageview&_s=1&dl=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&ul=en-us&de=UTF-8&dt=Chrome%20update%20fixes%20zero-day%20crashes%20exploited%20by%20cybercriminals%20%E2%80%93%20Kenyan%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACUABFAAAAC~&jid=1761638080&gjid=499138603&cid=962221062.1639480689&tid=UA-92634106-1&_gid=1721716754.1639480689&_r=1&gtm=2ouc10&did=dZTNiMT&gdid=dZTNiMT&z=1863869479
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kenyannews.co.ke/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kenyannews.co.ke
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92634106-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1023
date
Tue, 14 Dec 2021 11:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 14 Dec 2021 13:01:06 GMT
kenyannews.co.ke.177625.es6.js
jsc.mgid.com/k/e/ 		243 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/k/e/kenyannews.co.ke.177625.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/e/kenyannews.co.ke.177625.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9014ee6897319c5e49dc96cfe8137b7e6ec3e90d87729c80b7c77496f846de7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
br
cf-cache-status
HIT
age
1649
last-modified
Thu, 02 Dec 2021 13:54:45 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
3YYBQVDT3Q94RG3V
x-amz-id-2
oG+II5cHIpRMaJoDxt4+s82B0NmsahUrLqkSJb2PuNisEg24pJhvpiMRvLzTJemTUqUULvzR2/o=
cf-bgj
minify
server
cloudflare
etag
W/"552c009feb7b6f3a46d46a93af6eeac3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6bd707a408be4dd6-FRA
expires
Tue, 14 Dec 2021 14:18:09 GMT
cookie.js
partner.googleadservices.com/gampad/ 		220 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kenyannews.co.ke&callback=_gfp_s_&client=ca-pub-3264247487734791
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
82fd84c4ac4b61c0e75753a8d8d76a2246b951351b9b936d2959a44ca04809af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kenyannews.co.ke
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kenyannews.co.ke
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8052 		289 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&adk=1812271804&adf=3025194257&lmt=1639480689&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689215&bpp=3&bdt=1187&idt=111&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93a246a5b7d6843a6272664b54d6ddaad8d66a7ddd94162a03140d6d7eea147c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Dec 2021 11:18:09 GMT
server
cafe
content-length
55075
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:09 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BAE6 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8431d898c5e71364dabb03d7c265b2eb587199c5cd438a1f83f986387180033d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Dec 2021 11:18:09 GMT
server
cafe
content-length
9557
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:09 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 18CE 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54ff29dc26379acb0cc580deaf31ff37f868c08e614bcabe2d18c125567b858f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Dec 2021 11:18:09 GMT
server
cafe
content-length
9574
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:09 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 3E14 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf6b19125f81d97d9e4c1942d346d7eefab7e9fc0a776f4b6ebe543705de62ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Dec 2021 11:18:09 GMT
server
cafe
content-length
9573
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:09 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F1FE 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=417&slotname=5563019613&adk=207581927&adf=1798798363&pi=t.ma~as.5563019613&w=696&cr_col=4&cr_row=2&fwrn=2&lmt=1639480689&rafmt=9&psa=0&format=696x417&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689237&bpp=1&bdt=1210&idt=277&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=3431&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fykiVYcMNf&p=https%3A//kenyannews.co.ke&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ce7cbc14a1cef2ad4f08e3837ed18342f0ad8748f92a6bf37e7fccede7cf573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Dec 2021 11:18:09 GMT
server
cafe
content-length
212
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:09 GMT
cache-control
private
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kenyannews.co.ke
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kenyannews.co.ke
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E4A 		124 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce456371f2f83e24a2bc75f3ab6f2c817ae2a424390275faa9655fa504dbd81a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyt-cCV4_QCFbBIHgIdNhcFfw&gqi=cX24YcOWIYG1tweUj42oCw&layout=/sadbundle/%24csp%253Der3%24/15703889387851581996/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COyt-cCV4_QCFbBIHgIdNhcFfw&gqi=cX24YcOWIYG1tweUj42oCw&layout=/sadbundle/%24csp%253Der3%24/15703889387851581996/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
40292
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:10 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 704E 		98 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a559b157031fdbcf640109188149715978cfa0572fe5135b89879900b849193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
31260
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:10 GMT
cache-control
private
g.gif
pixel.wp.com/ 		50 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=113111616&post=683787&tz=3&srv=kenyannews.co.ke&host=kenyannews.co.ke&ref=&fcp=1887&rand=0.20699866860337535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
/
kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116&relatedposts=1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/10.4/_inc/build/related-posts/related-posts.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f6ef1618bca7601d9f577e7153748d83203d79cc5966dc2acaaa27a05ba06e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
x-requested-with
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SF31PKT9s6S%2BYIqttmwc1MuKpXCiazMP03kjPxv8Fyx4WAvuoRFkfraDAPlpy1z7yBEY6qdg5MVxxAl4Rc2bLPhpYG0hpTED0ebm88RIW1qp38IPrQWzYChS6MTAzztg%2FSWnDSNCdL7BpqAwZeqL"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
vary
Accept-Encoding,User-Agent
cache-control
max-age=0
cf-ray
6bd707a5bfe24351-FRA
x-proxy-cache
DISABLED
expires
Tue, 14 Dec 2021 11:18:10 GMT
hovercard.min.css
secure.gravatar.com/dist/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.gravatar.com/dist/css/hovercard.min.css?ver=202150
Requested by
Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
br
last-modified
Wed, 11 Nov 2020 15:57:10 GMT
server
nginx
etag
W/"5fac09d6-1e86"
content-type
text/css
cache-control
max-age=604800
expires
Tue, 21 Dec 2021 11:18:09 GMT
services.min.css
secure.gravatar.com/dist/css/ 		3 KB
582 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.gravatar.com/dist/css/services.min.css?ver=202150
Requested by
Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
br
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-a54"
content-type
text/css
cache-control
max-age=604800
expires
Tue, 21 Dec 2021 11:18:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09082651663ea8b53e73a117b32b344ed71a0e004c3de7cae6cc977b5ecf77c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8490
x-xss-protection
0
6c0e6a82169ee878dcbc43393803b843
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/6c0e6a82169ee878dcbc43393803b843?s=96&d=mm&r=g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc
HIT mxp 3
date
Tue, 14 Dec 2021 11:18:09 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="6c0e6a82169ee878dcbc43393803b843.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/6c0e6a82169ee878dcbc43393803b843?s=96&d=mm&r=g>; rel="canonical"
content-length
1528
expires
Tue, 14 Dec 2021 11:23:09 GMT
admin-ajax.php
kenyannews.co.ke/wp-admin/ 		13 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/wp-admin/admin-ajax.php?td_theme_name=Newspaper&v=11.3.1
Requested by
Host: c0.wp.com
URL: https://c0.wp.com/c/5.8.2/wp-includes/js/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d18d8068cf5c16db5da75e9cbc4bb01b5b4aae8d4e9a3bfe6150ab4793a7c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Origin,Accept-Encoding,User-Agent
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJi1N9JWeB1JaLqEJemj12TChrBqsUZbpCbx%2BWEyrWvcPGaDJqk%2F%2FqWmWQCebHHjsy5LyMz8u6J1gRcM%2Bag0SmJ9cfz%2FiuqejgMWNb%2B%2ByX%2FlY1%2BnIxhWBIRoVLZ7Km7EtIs4WlY65ylbABuu5hGP"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://kenyannews.co.ke
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707a618f64351-FRA
x-proxy-cache
DISABLED
expires
Wed, 11 Jan 1984 05:00:00 GMT
rum
kenyannews.co.ke/cdn-cgi/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kenyannews.co.ke/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ae46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type
application/json

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://kenyannews.co.ke
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
6bd707a628fc4351-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Tue, 14 Dec 2021 11:18:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C80C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Tue, 14 Dec 2021 11:05:21 GMT
expires
Wed, 14 Dec 2022 11:05:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1C84 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
faa19f2ac3bae703cbad3a24e7ed3b4ed88e2af435eb2b099b528e8d760a72c7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k4zydiAA5dJCelOKILskCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 14 Dec 2021 11:18:09 GMT
date
Tue, 14 Dec 2021 11:18:09 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-k4zydiAA5dJCelOKILskCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame C80C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 18:43:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
59666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 18:43:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=38120621280437&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BAE6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:12:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BAE6 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 11:18:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BAE6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:06:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BAE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdZgTcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTrAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHLq7N4VwM6X0WC2X6VTIWDXpIFyRFHfFgGl7yNJYgM09bYy0pZfuYAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzI2NDI0NzQ4NzczNDc5MRgA&sigh=O3tv2i1Bchc&uach_m=[UACH]&cid=CAQSGwCNIrLMCK79EN4VbPwpSslcrMVUxGNcK7J4rRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 14 Dec 2021 11:18:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 14 Dec 2021 11:18:09 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame BAE6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UPi0Ecz6RLgFmAKdg2ICAgAAAKzvn2VjruG-EHF9uGHFXNxE8ev8dxUcMgAS&wp=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
server
Kestrel
content-length
0
server-processing-duration-in-ticks
253761
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4CD3 		157 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=9019890846&adk=663384383&adf=2789608145&pi=t.ma~as.9019890846&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689233&bpp=2&bdt=1205&idt=148&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=747&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ofEBzphCpn&p=https%3A//kenyannews.co.ke&dtd=152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9edfce0dac6ab21d26a4f721df56a5d766ca603980fcc186fbca93d27a382806

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AEPhMNn1_00CoziH8wNXDkba8aQl8JLPk-jmIy_Nyyn2YCvovLdOyhtrSmxctEbA4IRj0BP4EhsxfCOLh08w7HV47hQFF28jF-omB5LZKt5jlavJh5b36pptv4G29XfSOiLmkgtqmYbadzZ2f9qhIIpU_8Nl5i4cBfKXzEzqxkf4sGNRYjMsn_0FHdB_TdPMvERJ08anVtZglfHTMq3p4MROCMrwppYXlqNGqRzatd57xWTDqvBevl4EPKT0uT6A4yL4hw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
75765660
content-encoding
gzip
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=38120621280437&bg=!x8SlxIDNAAZKWFskSlg7ACkAdvg8WnTw2qflPVx75NGFEezEYrPhrZdqBcdkAxtBkZTd4SWTS-UU0gIAAABPUgAAAAloAQcKAK37EVmukxkjTdxk-0LQ9xJrDr7NxD5-jx6qtWKiwQCeypH16HMz1eGgQMuHB3GBeftcpox4D_rJVB7itZo11HtRDfig_aygYfnePEkFlVX6iYqwTn0NR_WIT4gSTc2q3_gbukgRCCOXbI_tWigY0oMIRACNudSYGNCH6eAmPl-xAWtGMuUJFVVS5SGmk5igFXcbPwxtgoaHZRq8xznqlnkacDVpZ2VWRwlEKS2Jh5kCuWWMcZrl1cnkbASZZshaKfHLOFCEfvIelcZ0kfqQOjOslPhp0WZBFuaGbRSaNITyD0mpjB9yzi7GmXX1Dizm-8JD6MSCoO_3FmcIqUh2w2Gx1qzbpEMI2lvpfbVD3sm3rG94fGoxvcsDyR2tOiO-LDKBxQVTMxM_mXxdldSODbyc5DG3umRp1tDKE0FTDAC5cE3XhIwMtobnqMBPge0U3xLTXhA5XtpD7r7wDJNFGqvdgDho72B7-CPjfEW-zT2nDqUiLV03pfOCQY5G-qkbytM6TSTaUPMFpbPCDiFk-_2uzanwdpk_kBuaLk4O0zrbLk3-cgx63PkEMVKzNkbNXPbRVlLNpDXEaeUPtMaKc08rOE68rSKLZO-mTi9CUgOtD48dvZX9d3xE3djbg97oVWCO1UsvdovEpyGrZ6Ex4Q0_HNTFHtB4Sms6l1RTXqIolvN5dQuBGA7WhanjpLz42B7ID2CfbGrCnp4kgfVu2dHZtkQiwUuUZWaswtNTEIE4tcQtFEw1gOkNlEZIZ6V0FjsGeJq4t598zN6q4wfGmLCBkXbys2kB9aCH0csB6EGCARXaGSYra4C--w2DijbD2YDSXJZ4hlFl2GL0mqKRT9ND2b1hIPUV0j4dkuFe3uL0gniEofCFfaqHoy5LzU0wjjiFFIo6UKU7kh6y6rRmqz5y2-ZXyRvkeYpo8SPLBUbu6inm8aLxWpWWS6qj_jFLRQA7z4bOZBnSFfZ5yi3Iwy9XJdNOZE0dh8n51kxoSQ2W2RjW9SSpHRW5vyPHg5E_jN8jBedE09nlIXJxTJejoB_1moKjUPFM-gsH36nGv7GWPCSFzJqaRE_u4mnMD8U1V6dd6vQpO4r2SmnZpx8ncMp-GPHKsza1hZsP2qBjrq2KqDzcdtl8Kj02W2vFoECF5qGqeAnbmv6K4BM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 18CE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:12:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 18CE 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 11:18:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 18CE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:06:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 18CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CBedXcX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgTxAk_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv9KBTwYjy7uVC-lpfRF4uOo9CE_nCqjFJNLasCRpSLtKRxOc8WZvIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzI2NDI0NzQ4NzczNDc5MRgA&sigh=13ZzYrGVFlE&uach_m=[UACH]&cid=CAQSGwCNIrLMlOLQKsNd8uKigMml0Nyh4udyaq99DBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 14 Dec 2021 11:18:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 18CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UPi0Ecz6RLgFmAKdg2ICAgAAALCpziK071MgEHF9uGFVHI9udFphi4z9_QAS&wp=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
server
Kestrel
content-length
0
server-processing-duration-in-ticks
286570
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4D9A 		155 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=3612241481&adk=3274895764&adf=3019857308&pi=t.ma~as.3612241481&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689235&bpp=1&bdt=1208&idt=254&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=1734&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=vi6zQ8zyHC&p=https%3A//kenyannews.co.ke&dtd=257
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
349cee4aea2c55f08490f7bdd4d282db6310834612f601c49e8e7eaaa7ad3df8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=snU4x9n1_00CoziHC-Gqn0FWx6k3U87M4DFQKX2ebloAuc6tH3v8NyV_gL2XCizkbEKNRRim8CMcIq5Iw15GkGb3Ncv8Y1Lu_Ua2Q1aqvZcf494uhUCYMEkYlWtPZWTHgnNN7CM7tRcjT6HfRceMbQnSEOyQXg4U9l-u9DwZrBEn93iGbkVgcq99PWPFZ9YTFWobumuMkWnkwHrH4L3R9z8RckSJHxlwK1Q-K8odWCCImE1zRCbgYvm1vftNP3n59kkq2A"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
80635281
content-encoding
gzip
vary
Accept-Encoding
truncated
/ Frame BAE6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ac52e97d7606485f749710e5b28521d2968c75035e845c060228303efe2ae1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3E14 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:12:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E14 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 11:18:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3E14 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:06:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3E14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZs5JcX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgTxAk_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLUPtHKHLV1ie-SYWNAlYMlOEbuAd68Q9Key4qEkyML79m-UKag3sIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzI2NDI0NzQ4NzczNDc5MRgA&sigh=004rILLUvA8&uach_m=[UACH]&cid=CAQSGwCNIrLMS2lYqdoLCyzfLbDjp-luYhXfVS4SPRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 14 Dec 2021 11:18:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3E14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UPi0Ecz6RLgFmAKdg2ICAgAAADAtMPL6OdngEHF9uGFt6ra44u7i5lTeXQAS&wp=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
server
Kestrel
content-length
0
server-processing-duration-in-ticks
265047
afr.php
ads.eu.criteo.com/delivery/r/ Frame 14FB 		154 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3264247487734791&output=html&h=280&slotname=5928484148&adk=2159430599&adf=2589396760&pi=t.ma~as.5928484148&w=696&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=696x280&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689236&bpp=1&bdt=1209&idt=266&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C696x280%2C696x280&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=266&ady=2571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=fYu63Dj5pU&p=https%3A//kenyannews.co.ke&dtd=270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2bacd4862bf24588d42d06474ecdc3e23e1425551a0572a11ce01b444e55fef3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Tue, 14 Dec 2021 11:18:09 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bxksw9n1_00CoziH63G_7jfFwLNqH2CpRTkMNI8fkN7voKoVBO6IZGOG5q5aCIV5XkgKafhLxRuRf5py_cIQQ-o-6o2NhGAk8KmuWTMhfymsE5MlM1TeVtIgT8LQdj4bjnC6L4KGBof4Dy_FHcvN-VfXi-bZfwAU0B9obZc4WSY0dam6AbXsjLu8qqqN3LIi2vcKqhFdgToeQ4aRCWrUngCPhNxjvYElTjS0a-MAiwUVIwdrEykqeu1wJBYZne-GsNwmWg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
103816216
content-encoding
gzip
vary
Accept-Encoding
truncated
/ Frame 18CE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
692d5bfbe20a07e4a335e0901666ce693c3ff7a515ba8f0373695edf1e77a07d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=1950150
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=9101843
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E14 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=9523257
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3E14 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3d35e6ba90b7cde87180c72195f39051a7e1399c8e4abf03e2ba9d3657a1588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4CD3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4CD3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4CD3 		308 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 09 Dec 2022 11:18:10 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 4CD3 		507 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Fri, 09 Dec 2022 11:18:10 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 4CD3 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vVi0O1gLZnpK0PxU1OnM9rwR6ZkGmXlcAlvAHoR87_BRL6uk88rAM0YPRtlOJtbFyNDEJX1rJOivy6riZT1fwT6c34CjWLJCNauoRCVlY8i0p6GCNI01BQM4Nd-cDK03LU8tbLvRrIvvtbZrJtBM3DgkPQS5Pdpy8NRbDmyZRW9_mEvgbJwLINleNgC7_E2EZHjo7oaKVHYGbF_FR5hIPmNz80v4LGfAN0hogG0-kEEFXzxj1mmoF7_tA_7fN0czn9k1fzTMDjTnLCCTF0QOYn3vH36p-z8dT913Bf4EtAgBnMJX3mJlQxHNfDQrVWOxIZm9rzgYrAI8QkbQjyMauSellurnbt1DOtIHjsICcSYj8-ZKf0ijO3qBb_JPhPZYmi0U29y-TGthv82c9Pgrgrt-ofAL_qWijoDmS5zURfIl2bLqVpBXkSvqB47PwYDQuVQzzw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:09 GMT
server
Microsoft-IIS/10.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6233
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4D9A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4D9A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4D9A 		308 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 09 Dec 2022 11:18:10 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 4D9A 		507 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Fri, 09 Dec 2022 11:18:10 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 4D9A 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PZED7lgLZnpK0PxU1OnM9rwR6Zm2t6bYZiRpTgIBCbhTS-B0hXTebO8ojC6U0KMyIPvlt8tXjOWVpQoLPhzDTv6UTAzbdU1OLDzG9jjgwpmKQM1ICqEcaIH7QhQIHbD53X2N3W48YF_Var_kG9lzHhGlb60MRG51i6rgBXs_e-o5V7tZw0OVoz05xSmtWHmDpYtQxghCMWuoa1tdp_3_ohUkjTPuFXrS8mL22uyaQSBaXRhdJ2PrhNORDr5PNCBMG_BgrGcG7fD50tBAsyY7Hp5CrM9mrpwTOmapyVXzG_hbJev4l_Q6i7ab5gJO33ejuy3CUadVUb1bskzJyEjbBvcCt9n7E4c_aM6e6hPQHQarsSXKbEuN8RainTVi_Y5d-qhs9eUcTx0SvuzIzEpNOUL2e-rSrVRKyhTemm2Uteze6g2PwyQPb50lsDk8mmFuBvU5MA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:09 GMT
server
Microsoft-IIS/10.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6769
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 4CD3 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 4CD3 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54385
x-xss-protection
0
server
cafe
etag
4993246191385855005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 14 Dec 2021 11:18:10 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4CD3 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1001578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4lyEIN9fvUpMY8fb5lzED900R4fpcN39puMp%2FInC1a5R5WBe%2FJOwx3%2BtLl1WJFwuWyeL4O7h8KI9aATvGjC0xuVei1gbpwTDn78b%2F47%2FB4p4YLTvPr6a15gnE7KVnEwoWxvQUUMLkDudrFo5AinN83k"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bd707a96eb668e9-FRA
x-cache-tag
abcd1234
expires
Sun, 04 Dec 2022 11:18:10 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 4D9A 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 4D9A 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4D9A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1001578
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cjc4scyAz4kXFRz1uGFhDjcVJiIKubf5PF1CyHjEVULutB1JvtlIXoZktQxUZOgKXQrtdc25LPYkwDaXPxEjx26QFbcC%2Fvn02EDmNvqMGUH0jRbbz9j3z7HAcsQ38mCoF8SwPaNrVWskK3NU%2Bbph%2BLqO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bd707a96eba68e9-FRA
x-cache-tag
abcd1234
expires
Sun, 04 Dec 2022 11:18:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 4CD3 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
all
csm.eu.criteo.net/ Frame 4CD3 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AEPhMNn1_00CoziH8wNXDkba8aQl8JLPk-jmIy_Nyyn2YCvovLdOyhtrSmxctEbA4IRj0BP4EhsxfCOLh08w7HV47hQFF28jF-omB5LZKt5jlavJh5b36pptv4G29XfSOiLmkgtqmYbadzZ2f9qhIIpU_8Nl5i4cBfKXzEzqxkf4sGNRYjMsn_0FHdB_TdPMvERJ08anVtZglfHTMq3p4MROCMrwppYXlqNGqRzatd57xWTDqvBevl4EPKT0uT6A4yL4hw&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4CD3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4CD3 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 4D9A 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
all
csm.eu.criteo.net/ Frame 4D9A 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=snU4x9n1_00CoziHC-Gqn0FWx6k3U87M4DFQKX2ebloAuc6tH3v8NyV_gL2XCizkbEKNRRim8CMcIq5Iw15GkGb3Ncv8Y1Lu_Ua2Q1aqvZcf494uhUCYMEkYlWtPZWTHgnNN7CM7tRcjT6HfRceMbQnSEOyQXg4U9l-u9DwZrBEn93iGbkVgcq99PWPFZ9YTFWobumuMkWnkwHrH4L3R9z8RckSJHxlwK1Q-K8odWCCImE1zRCbgYvm1vftNP3n59kkq2A&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:10 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4D9A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4D9A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 4CD3 		320 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 0-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1286846
expires
Fri, 09 Dec 2022 11:18:10 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 4D9A 		320 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 0-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1286846
expires
Fri, 09 Dec 2022 11:18:10 GMT
/
c.mgid.com/pv/ 		0
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1639480690223638756264&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F&lu=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&sessionId=61b87d72-14c63&pageView=1&pvid=17db8aa06309747d82a&site=291606&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/e/kenyannews.co.ke.177625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6bd707a9fc97535d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
privacy_small.svg
static.criteo.net/flash/icon/ Frame 14FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 14FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 14FB 		308 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 09 Dec 2022 11:18:10 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 14FB 		507 B
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Fri, 09 Dec 2022 11:18:10 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 14FB 		43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9GujsVgLZnpK0PxU1OnM9rwR6ZlPYM2EVF1LnJG09WgLd1jhQT7EYdZs092ZisAxIBU_qa3n9ilveqCNFN44QAcotIQBWzOWJOb0WGqMCSFY4O-gXN9LyPIUfpxpio_ajjdNoOL-qSEnM6FkRIy1N6ICQenao2HpEs2S96-I_OUGNzk8w0qhJcy97njVrKf_BMXp0B6JsEnXO7DNfhs5xXgMjzp09GUIvTqjJ_PHbiULyRiCIvTXAPUwKf5zFj9evdpkoXNu_2Rm_HcXUxzIxKzqoa_OJOzkAg1CWDZRkhocg3v8DBM_tcD8_gt2eCZg3Q-XkIvVa4y4kAr89SMwrx3OZx_RmpDONBvUtCY5ShQyn5j2ycAdLSe3yuZ2zyNHExkc8Pm-ipOlNZQQdJOG21GEEdBNv6BkduQkQrbPmYNykI4pcw93ZmAUbymQZ59v6phsqw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:10 GMT
server
Microsoft-IIS/10.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5802
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=kenyannews.co.ke
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kenyannews.co.ke
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame BCFF 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 13 Dec 2021 18:38:26 GMT
expires
Mon, 27 Dec 2021 18:38:26 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
59984
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame E3F8 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3264247487734791&plah=kenyannews.co.ke
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 13 Dec 2021 18:38:26 GMT
expires
Mon, 27 Dec 2021 18:38:26 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
59984
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 14FB 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 14FB 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 14FB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
402246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4QXUuBbZrxI3yhiIaY0%2FDFXrR35fNEoRHNfMwdZY3m4k62MKfPOWKRkl%2BdDXjRpj%2B%2BF4KdP4s8TfifXSqxbAULBTTTZSJnfJ21RccxUFu%2ByFDZQ24sh8Nn77Robs7XDGE4iFnhFB80xyfz5YZZ8r35%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bd707aacf0b3762-MXP
expires
Sun, 04 Dec 2022 11:18:10 GMT
animejs.js
static.criteo.net/animejs/ Frame 14FB 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
all
csm.eu.criteo.net/ Frame 14FB 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bxksw9n1_00CoziH63G_7jfFwLNqH2CpRTkMNI8fkN7voKoVBO6IZGOG5q5aCIV5XkgKafhLxRuRf5py_cIQQ-o-6o2NhGAk8KmuWTMhfymsE5MlM1TeVtIgT8LQdj4bjnC6L4KGBof4Dy_FHcvN-VfXi-bZfwAU0B9obZc4WSY0dam6AbXsjLu8qqqN3LIi2vcKqhFdgToeQ4aRCWrUngCPhNxjvYElTjS0a-MAiwUVIwdrEykqeu1wJBYZne-GsNwmWg&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:09 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 14FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 14FB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 09 Dec 2022 11:18:10 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
cf-cache-status
HIT
age
301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6bd707ab2ebc535d-FRA
expires
Wed, 15 Dec 2021 11:18:10 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
cf-cache-status
HIT
age
302
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6bd707ab2ec0535d-FRA
expires
Wed, 15 Dec 2021 11:18:10 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 14FB 		256 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 0-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1286846
expires
Fri, 09 Dec 2022 11:18:10 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 4CD3 		9 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
75589164e5e2ec0ba396fab17bace54684ea14390ba8dc9821c1105397543815

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=1277952-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 1277952-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
8894
expires
Fri, 09 Dec 2022 11:18:10 GMT
178549900425524213
tpc.googlesyndication.com/simgad/ Frame 704E 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/178549900425524213?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnxSLMLzuo4KgjhrQydiiFMJDcvnw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff46f5af26331fcfc5012cf7166c01cc1113691bbbf90855424600ebbd5d3f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 06:09:09 GMT
x-content-type-options
nosniff
age
450541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39208
x-xss-protection
0
last-modified
Fri, 22 Oct 2021 13:04:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Dec 2022 06:09:09 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 704E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:16:48 GMT
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 4D9A 		9 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
75589164e5e2ec0ba396fab17bace54684ea14390ba8dc9821c1105397543815

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=1277952-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 1277952-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
8894
expires
Fri, 09 Dec 2022 11:18:10 GMT
css2
fonts.googleapis.com/ Frame BCFF 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 09:30:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 11:18:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 11:18:10 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCFF 		205 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 00:49:15 GMT
x-content-type-options
nosniff
age
37735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 14 Dec 2022 00:49:15 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BCFF 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 00:50:59 GMT
x-content-type-options
nosniff
age
37631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 14 Dec 2022 00:50:59 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/ Frame BCFF 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 10:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8346
x-xss-protection
0
server
cafe
etag
3177319193432224586
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 10:08:09 GMT
de974e0de653beaf8b7a147538108e14.js
www.gstatic.com/mysidia/ Frame E3F8 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576688
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 19:06:42 GMT
ef71563f30928051bf5f5d97e506b840.js
www.gstatic.com/mysidia/ Frame E3F8 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef71563f30928051bf5f5d97e506b840.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63cb35133865eac473826f95c6a9d64ff1fa3da71403ea4f1981e5de9bcd69bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 21:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3802
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 21:55:33 GMT
css
fonts.googleapis.com/ Frame E3F8 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 10:36:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 11:18:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 11:18:10 GMT
nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame E3F8 		225 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 11:09:14 GMT
x-content-type-options
nosniff
server
cafe
age
536
etag
14085932017949564970
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Wed, 15 Dec 2021 11:09:14 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E3F8 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:13:11 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame E3F8 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:16:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E3F8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:12:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3F8 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 11:18:10 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E3F8 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:06:08 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame E3F8 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 19:06:41 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 704E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-R0QcX24YZL4JJaQ-cAPnrSB6ATLz6yGZ5W1wv_jDreAw4jsKhABINnO94ABYJX68IGMB6ABgNONmwHIAQKpAiEo4kwCLLI-qAMByAPJBKoEigNP0CBPA-wT0HdIOHPzyGRap491vtHoMEOHOKWnffp01jFHTC1eDwe6I0_rP5Udmanwgww4FRLvDCquLMw2y259OHgfoSUqqVsNdNB8lGgz3KPxI10I90NOBmY_M95F9rhgWnC2_DkIvovgWJL3unQLNvQtOw6HU-NOypJL2OwxDLIfbNjD_KkesOvRsEdMGe0ZGSMxX9hsWLfD9ekvQORvG0EDVGI0ItgEM15qTQragEWW4X-SiXPumw1TfYWZwb87BW7vWAm31yp5KR4-iJli-k501rqUhZ81uI6XzvdP0HpvG-Xzw1wgdxIIe5uzHpUvv8G9HLB0VGdei88OGeY5eKS4RPhQXcBv_37iJeu7GZiC-Y-152ExIKNAcmxLHwpkGb65H7Nrq0L3BjoDlxIgpxs9BUDGgPvVb3T6p0hEO3R22FFxhLRjhHESt8paYXHdfXYaV45t_x-e3VSnWZ9QZJi3taUVerEinQ1vUrM8q9dDBQYpv4qjrAzelWwQkbdzoCiapc4zZlQEwASmoZah2wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH6Kzy5AKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCNwxDSCAkIiOGAEBABGB-ACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItNTAxMTE3NDMyOTc1ODE3MxgA&sigh=TIplU9cDjng&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 14 Dec 2021 11:18:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 704E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:12:52 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 704E 		67 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 14 Dec 2021 05:32:01 GMT
x-content-type-options
nosniff
server
cafe
age
20769
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Wed, 15 Dec 2021 05:32:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 704E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 11:18:10 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 704E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:06:08 GMT
l
www.google.com/ads/measurement/ Frame 704E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDS1VjvvK6-1Qfdn6dcs2-r2UwrE1LqdJalm5UrUDitxUQdPIHY4KSg6UviFD6gnp8cVQabAi4VQT_22IK3tJVvlqtlw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 704E 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 08:11:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11415
x-xss-protection
0
server
cafe
etag
3382072337847676073
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 08:11:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 218F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Dec 2021 11:04:34 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
servicer.mgid.com/177625/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/177625/1?pv=5&cbuster=1639480690504231624919&niet=4g&nisd=false&jsv=es6&w=324&h=465&p3_w=158&p3_h=192&maxw_3=158&maxh_3=192&cols=2&ref=&cxurl=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F&lu=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&sessionId=61b87d72-14c63&pageView=1&pvid=17db8aa06309747d82a&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/e/kenyannews.co.ke.177625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace3222449d8d8dda2599cf1084e130d4de8deb33213ebfd83eac43c5c696ecb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6bd707abcfec535d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 14FB 		9 KB
9 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
75589164e5e2ec0ba396fab17bace54684ea14390ba8dc9821c1105397543815

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=1277952-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 1277952-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
8894
expires
Fri, 09 Dec 2022 11:18:10 GMT
truncated
/ Frame 704E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5bbc92540bc7a12de294ba16a81781404cd7a294f9b7f271ed476c42364c5c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 3A6E 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 10:41:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 14 Dec 2021 11:18:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Dec 2021 11:18:10 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3A6E 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:13:11 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 3A6E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:16:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3A6E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:12:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A6E 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 11:18:10 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3A6E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:06:08 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 3A6E 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 19:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
576689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 07:52:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 07 Mar 2022 19:06:41 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/3362155301219044748/ Frame E3F8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3362155301219044748/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d68886e9024a07c1984e876c26fd176de5dcdfe9ccbac1e0fa3385ca4ca11e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 09 Dec 2021 21:29:14 GMT
x-content-type-options
nosniff
age
395336
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1734
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 08:17:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Dec 2022 21:29:14 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E3F8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-lcucX24Yc3NFpWM1fAPzfmDmA-pjOSEZ4b6mZvoDtOh4pm4AhABIM-78yFglfrwgYwHoAGE8pORA8gBAakCpAVALH7rsj6oAwGqBPoCT9B51GBz5UyFSrSnlsr8j0JHAV_UaZtf6wPYJo58JLqywKgZ2xZE16NMpOrRIbCOE2oyR3DO0acJSnITYgFQomsrApUqp3olukngiBWwjYGeJLQhGdw1BhAEs0Vs7XGDpcg7o0CnQoYeOgrO7tbuqrZDADzVMpxfADLPXD-xdHKlWdbmXGv_0id9Zjf5SEWCysDYMmcjvwqUtCMVVA6OLQ9oXaiLWB2k7wWsJX45-RK01Aoec-jKQw1sSV2DJRzFq19Bpj821Lnv_UBIfNPCfvUdUnXpf39XzK7Y3ulZrVSkRjiaB74Mmh6eRkne3FrT3Do4K7gWYWgSWOQK504p_HoUMwiUUi_EzjEGVx9olXPLqYi6L9-LQDQv7btckP_3SKhMFJTdtuYlU19a66SyxkyAiD2bgynup_zt9aFR_hB9YWU6eYcELfs57MHjcD2mCC4rRuRShpnLvnjXZMOly1Wd58V1FQjnI8cBJLHxnuPS2IEWh2m7hJYfwASF0qG33QOSBQQIBBgBkgUECAUYBIAH2u7AdagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENfuNdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi0zMjY0MjQ3NDg3NzM0NzkxGAA&sigh=9eKWn1nhwBc&uach_m=[UACH]&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 14 Dec 2021 11:18:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 14FB 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
cddfac6c13eab61808fa97904a93ef656603027d26e2e3edc708dd1ab434f11b

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=196608-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 196608-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1090238
expires
Fri, 09 Dec 2022 11:18:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A0C9 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Dec 2021 11:04:34 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame E3F8 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a491af5828737cb6a41482ff4aaa729f6cc7a64f0d3d8c67598ac7cb08a1699

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 218F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:10 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 3D90 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=3299374158&adk=1437287584&adf=1662062829&pi=t.ma~as.3299374158&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689239&bpp=1&bdt=1212&idt=311&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417%2C324x250&nras=1&correlator=8619979644911&frm=20&pv=1&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=1231&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=3rvFsMcfeI&p=https%3A//kenyannews.co.ke&dtd=314
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 18:43:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
59667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 18:43:43 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E45C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Dec 2021 11:04:34 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/ Frame 00BE 		23 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41f8138a489bc1f75f88590f9b079005867ea33a30d0dd6582c29eda7b5f53ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Thu, 09 Dec 2021 23:03:09 GMT
expires
Fri, 09 Dec 2022 23:03:09 GMT
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
4547
age
389701
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 4331 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cji7RcX24YayxI7CR-cAPtq6U-AeaqorLZqb-y-HaDojD8o_OHRABINnO94ABYJX68IGMB6AB1ZynuAPIAQmpAvZv6pNm6rI-qAMByANIqgT5Ak_QH0v9byH6Qspmfxik-Le7tjZQv4uRkUxFkmqPwF3CJ_U0La3ExW0IN8lERnx_uq9cBvziDmaCcp0JIgjKFNSBf_qf5acCktZF6ppffHNE3jfHvEaciobjEY2617VtckYgNZwHQZVY1-UGjJrO7ALVZxALOicA1nugl-sRF2Vmitw_lcuBmEFbNtQMjzGk47xX3o3ftb-6bAf2z0ug6tiq3X7MzA5Z5YKd_5M23yDAFJrETGJM3moso4dhTI60_8t9QMy8Uuxu0Xh916t-NxcjbwdL-eSaxCWjuT0eTX1AsD3Lvvduaoy7v2J4DYlG3tLsXY_iVrno7a5PYDh7DmOZG267woufGzfzSjgLy0cFdB9eyv9YR2QTZe7t4pRxl3-6QxbZMchGxhK0ziOKsiNsdQi1NxHcG2I0CPQIllfVa5Vxuj9JlWPSYEmYHCTPHpuiXSUdpsmEx63fuTgqHZ-QSlT1FuvMx-aHNDsqKo-u0z3WCCiwqB7wwASmh7Co3gOSBQQIBBgBkgUECAUYBKAGLoAHk-PYR6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEK_HDdIICQiI4YAQEAEYH4AKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01MDExMTc0MzI5NzU4MTczGAA&sigh=fmMCtRT5tjU&uach_m=[UACH]&template_id=419
Requested by
Host: kenyannews.co.ke
URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 14 Dec 2021 11:18:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 4331 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:16:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4331 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:12:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:12:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4331 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 14 Dec 2021 11:18:10 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4331 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:06:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
722
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Dec 2021 11:06:08 GMT
l
www.google.com/ads/measurement/ Frame 4331 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzirQfrM2Z5E7-KymkTy5zeXTSUOxvVhwVImr7WvQ0xYwUYXqqt7Zh9TctgCUmzJnwRI7l1816o-mJ1uLUPqWEWABj0Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
cf-cache-status
HIT
age
301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6bd707adaa8c4dd6-FRA
expires
Wed, 15 Dec 2021 11:18:10 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
content-encoding
br
cf-cache-status
HIT
age
302
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6bd707adaa8e4dd6-FRA
expires
Wed, 15 Dec 2021 11:18:10 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZlNDMxZTYzNWIxMDNmOTAzNTFiZjQzN2M1N2EzZDk1LmpwZWc.webp
s-img.mgid.com/g/4017817/213x142/0x15x595x396/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4017817/213x142/0x15x595x396/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZlNDMxZTYzNWIxMDNmOTAzNTFiZjQzN2M1N2EzZDk1LmpwZWc.webp?v=1639480690-jYrB9yFLuf-6sMWpPE91610jabycU-EcFtqVSBFM3Cg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4360d923f52cd96a84b3831fa1f19dc2420a3a36108c2335f600d491ca349ce

Request headers

Referer
https://kenyannews.co.ke/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 16:17:48 GMT
x-mg-request-uuid
6c7c93ba-5a43-4b21-a65c-111f79e08c0b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6bd707add9d33128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4184
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp
s-img.mgid.com/g/3805476/213x142/0x0x629x419/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805476/213x142/0x0x629x419/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzI5YzJmMTJhMmJhYWMxOTA2OTJjOWE3NWI3ZDM3ZWI1LmpwZz90PTE0OTc5ODEyMTMzMDg.webp?v=1639480690-ogAeg7WoKvCz7tMBVAxTKMrGcKTSYT_ZokXLpMyCWaY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b1d8650c9ac8fe5a857a1a4beb1d0f5a3835fbeade24cafbf51715e0dc3d450

Request headers

Referer
https://kenyannews.co.ke/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 16:49:58 GMT
x-mg-request-uuid
163f8f3b-5dd7-473e-95e9-bee00922aae3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6bd707add9d43128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5190
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QyMTM4YzQwY2U5YTRjZjhmNTJhZWE5MDc5NjQxZTg2LmpwZWc.webp
s-img.mgid.com/g/4023133/213x142/0x59x501x334/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4023133/213x142/0x59x501x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QyMTM4YzQwY2U5YTRjZjhmNTJhZWE5MDc5NjQxZTg2LmpwZWc.webp?v=1639480690-8A09Koan-Ki5fESW83hrR5X4yJpw_lbAdQUpRq_4Alo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8ebd05f93e55a6a3cf12d66af84b3b2638c789fc520b3781c6746a5fc786c6

Request headers

Referer
https://kenyannews.co.ke/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
cf-cache-status
MISS
last-modified
Thu, 11 Nov 2021 16:17:35 GMT
x-mg-request-uuid
557dcaea-d642-42e8-b70b-acc58066dd2c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6bd707add9d63128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5120
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y0NWRiNzdiOTEzYjUyNjA0YzM3MDU2ZDIyOTgxYjUyLmpwZw.webp
s-img.mgid.com/g/4045276/213x142/0x51x564x376/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4045276/213x142/0x51x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2Y0NWRiNzdiOTEzYjUyNjA0YzM3MDU2ZDIyOTgxYjUyLmpwZw.webp?v=1639480690-ibg0O1QAIhici1HDkjKxqWWSYssLhgQZySTsx-CldxU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756baabf1f5060efcd9a768219b078854c7e9b9752e466a39560ba3fc52f445d

Request headers

Referer
https://kenyannews.co.ke/
Origin
https://kenyannews.co.ke
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:53:20 GMT
x-mg-request-uuid
ae2f8711-b10b-4286-9df1-e7b15b1a7fc6
age
4188
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6bd707add9d83128-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7420
server
cloudflare
22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4
static.criteo.net/design/dt/2936/210730/ Frame 4CD3 		1001 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/2936/210730/22f985d15e4a45529360f31cf4aa7e48_showcase_9x16.mp4?ibv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=262144-

Response headers

date
Tue, 14 Dec 2021 11:18:10 GMT
last-modified
Fri, 30 Jul 2021 08:11:16 GMT
server
nginx
access-control-allow-origin
*
cross-origin-embedder-policy
require-corp
etag
"6103b424-13a2be"
content-type
video/mp4
Content-Range
bytes 262144-1286845/1286846
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
Content-Length
1024702
expires
Fri, 09 Dec 2022 11:18:10 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C6AF 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 14 Dec 2021 11:04:34 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 00BE 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 16:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 14 Dec 2021 16:08:31 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 00BE 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 16:13:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68671
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 14 Dec 2021 16:13:39 GMT
4e1dc685496f587314059a663e50af6e.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/ Frame 00BE 		79 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/4e1dc685496f587314059a663e50af6e.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c29ad9e302d80291cac583c6a954c1c70ab8e7faeb52444253dc5256ac8326b9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
389624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20652
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Thu, 09 Dec 2021 23:04:26 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Dec 2022 23:04:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A0C9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:10 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4331 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c905dc3dce158245ad7d9e6a4b7e80d45f6ef9d6f26f324bf5fdb8ad405d54df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame E45C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:11 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:11 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame C6AF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5011174329758173&output=html&h=250&slotname=4389094548&adk=3204493625&adf=3009597698&pi=t.ma~as.4389094548&w=324&fwrn=4&fwrnh=100&lmt=1639480689&rafmt=1&psa=0&format=324x250&url=https%3A%2F%2Fkenyannews.co.ke%2Ftechnology%2Ftech-news%2Fchrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals%2F%3Ffeed_id%3D62329%5Cu0026_unique_id%3D618adad98c116&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639480689238&bpp=1&bdt=1211&idt=281&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcb9244dcb49fe4cd-22c33b3c07cd0063%3AT%3D1639480689%3ART%3D1639480689%3AS%3DALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA&prev_fmts=0x0%2C696x280%2C696x280%2C696x280%2C696x417&nras=1&correlator=8619979644911&frm=20&pv=2&ga_vid=962221062.1639480689&ga_sid=1639480689&ga_hid=1631946876&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1010&ady=140&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753743%2C21066430%2C31063825&oid=2&pvsid=38120621280437&pem=335&tmod=553&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&fsb=1&xpc=iaPBSIOtxV&p=https%3A//kenyannews.co.ke&dtd=289
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 14 Dec 2021 11:18:10 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 14 Dec 2021 11:18:10 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
42a444e89481e9b5167a1e38791e18b0.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/42a444e89481e9b5167a1e38791e18b0.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f0fad378d47df32231df6c6baf929d898f896d07e7b71da0ef2168894963f7e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
43921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43087
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Mon, 13 Dec 2021 23:06:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Dec 2022 23:06:09 GMT
2f714f6d90344b815dde33bdff642456.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/2f714f6d90344b815dde33bdff642456.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40fca43f3ef3ce5c071f3fe6159a3bf0b81ed06609bab0c3fe0c13c53d3c248f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
43921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2697
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Mon, 13 Dec 2021 23:06:09 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Dec 2022 23:06:09 GMT
68ec256ede4b79d8add6cd5b38373b14.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/68ec256ede4b79d8add6cd5b38373b14.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8543fd815b5a4bc0852ebce5520090ca6af420e10569c8a60813932e57fc863
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
43921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11427
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Mon, 13 Dec 2021 23:06:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Dec 2022 23:06:09 GMT
2dda468af43aa5f0ca978666a7df5ab8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/2dda468af43aa5f0ca978666a7df5ab8.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e9425dd2a9ef78ff5ea9bd57770c44cc7478c0a0d9d7c6e2bec412264bbb3d0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
43921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1862
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Mon, 13 Dec 2021 23:06:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Dec 2022 23:06:09 GMT
e6624045424a080ef880ccdde6d4f40b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/e6624045424a080ef880ccdde6d4f40b.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5dc2394c7c507cd2128b6720546a5d79cb0df8f7129dbeb8645a0dd5b5ed2edc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
1072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8717
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Tue, 14 Dec 2021 11:00:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Dec 2022 11:00:18 GMT
045107f403f9356bc529eeaeae0cb7d6.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		15 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/045107f403f9356bc529eeaeae0cb7d6.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0ab4c5b5cc17b0c2e2ede197ba5d9c5f3f1a21ddc991791b5e32690eda15e7b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
1072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4390
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Tue, 14 Dec 2021 11:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Dec 2022 11:00:18 GMT
903ae1d36a2148a9af73512db35068b2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/903ae1d36a2148a9af73512db35068b2.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a54265b9435aa1d8d35ae1e1a6734ad8fabe3da02b7621221a884a92947693
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
43921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6341
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Mon, 13 Dec 2021 23:06:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Dec 2022 23:06:09 GMT
c31d4e3928ff076cf9ca0604e10a0175.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/c31d4e3928ff076cf9ca0604e10a0175.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcac404183c59f1947d7e599e01c830ab790f220f0f40529f4aa71b3d7a30e26
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
1072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Tue, 14 Dec 2021 11:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Dec 2022 11:00:18 GMT
250c4fe2b2b904bef3db099ff9da0466.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/250c4fe2b2b904bef3db099ff9da0466.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51205131e238bfb5058db50bd6dc194a798723838990b3e0731b189b46730389
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
1072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6180
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Tue, 14 Dec 2021 11:00:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Dec 2022 11:00:18 GMT
8be9fa4b759e9cb28f1007e09d476ea6.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/8be9fa4b759e9cb28f1007e09d476ea6.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1340b114e2e57f453b6ec2cce518bb4bddba6544877b4ac5e51b3abb43477fa7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
475573
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3138
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Wed, 08 Dec 2021 23:11:57 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 08 Dec 2022 23:11:57 GMT
d1f4ea5e3d5ebb0d94cc1af52495c58c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/d1f4ea5e3d5ebb0d94cc1af52495c58c.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
551c4efc082fb801786e0fa1f67a5d0c5a2840b72374e3e475d53226e2e54928
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
43921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3298
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Mon, 13 Dec 2021 23:06:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Dec 2022 23:06:09 GMT
191ce260b63ad19a1884689594e2d4ba.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/191ce260b63ad19a1884689594e2d4ba.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1e550140fb6da0432e57a185837b6f87aa38ccd3fe384ebc3905c88a83eef44
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
1072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3253
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Tue, 14 Dec 2021 11:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Dec 2022 11:00:18 GMT
0c917c346e8881c731ef91aff78577cb.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/0c917c346e8881c731ef91aff78577cb.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761282cad825ce409c7a28e06bec96ffa2148e86779b338ea4b4e019b5b4c36
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
43921
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3424
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Mon, 13 Dec 2021 23:06:09 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Dec 2022 23:06:09 GMT
4bcbaf5524989d380a394eaa4332fea7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/4bcbaf5524989d380a394eaa4332fea7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc38b872bf4c61d8eec999705110f061626246653b6daf4e97724420f2eb27ca
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
1072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2679
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Tue, 14 Dec 2021 11:00:18 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Dec 2022 11:00:18 GMT
i.js
cm.mgid.com/ 		2 KB
1005 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1639480690955300120784
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/e/kenyannews.co.ke.177625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a416a4fda4f828803796ae2dcc0c09af99f0d2af2be3ac8060e79141b44d39e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707ae8cb3535d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
5e709e111c59ae465d36e7f829edb8b7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/ Frame 00BE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/media/5e709e111c59ae465d36e7f829edb8b7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15703889387851581996/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b69a48f6a6b7ac2869d295efb34fe1ec60104934e3c9d8f0d6096e53bab712d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
389624
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1754
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 13:48:17 GMT
server
sffe
date
Thu, 09 Dec 2021 23:04:26 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Dec 2022 23:04:26 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BAE6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKAXCUp64Q5Wq6FfdTpqFEt3YWVe2v2vyHdNQxZODRO6MAJ5n1MElkVNTvXPGKIjcfymd0ADCbdRppINfUrZU9&sig=Cg0ArKJSzMlmscJm2V9kEAE&id=lidar2&mcvt=1018&p=0,0,280,696&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=663384383&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639480689386&rpt=580&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i-noref.js
cm.mgid.com/ Frame 55B0 		19 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1639480691002570688033
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/e/kenyannews.co.ke.177625.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707aecd1b535d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
pagead2.googlesyndication.com/bg/ Frame 00BE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 18:43:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
59668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13559
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 18:43:43 GMT
sync.html
s.adtelligent.com/ Frame 28BE 		1 KB
884 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1639480690955300120784
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

Server
VertaMedia 1.0
Date
Tue, 14 Dec 2021 11:18:10 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://kenyannews.co.ke
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 4730
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1639480690955300120784
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 14 Dec 2021 11:18:11 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Date
Tue, 14 Dec 2021 11:18:11 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=f4cf888f-d512-535c-b6c9-9581d771e8f2&ssp=mgid&expires=30&user_group=1
  • https://cm.mgid.com/m?cdsp=433145&c=7117e64c-adcc-444d-addd-a68961621988&gdpr=&gdpr_consent=&us_privacy=
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=7117e64c-adcc-444d-addd-a68961621988&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707b2fc344dd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=7117e64c-adcc-444d-addd-a68961621988&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 14 Dec 2021 11:18:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=lbeaBq8QVYi3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6bd707affd3754be-MAN
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbeaBq8QVYi3
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=4043782262874785519&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 14 Dec 2021 11:18:11 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=191cb042-85a1-48ac-87c9-2d55dfccd142
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=191cb042-85a1-48ac-87c9-2d55dfccd142
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707b07fa44dd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=191cb042-85a1-48ac-87c9-2d55dfccd142
date
Tue, 14 Dec 2021 11:18:11 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJlYUJxOFFWWWkz&muidn=lbeaBq8QVYi3
  • https://cm.mgid.com/google?muidn=lbeaBq8QVYi3&google_ula={guid},5&google_gid=CAESEDq6a4vaa-8i7P03tZYpm2k&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=lbeaBq8QVYi3&google_ula={guid},5&google_gid=CAESEDq6a4vaa-8i7P03tZYpm2k&google_cver=1
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6bd707afde974dd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=lbeaBq8QVYi3&google_ula={guid},5&google_gid=CAESEDq6a4vaa-8i7P03tZYpm2k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RX-b7966b2c-4575-445b-8305-fb4c20d3673a-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbeaBq8QVYi3
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbeaBq8QVYi3
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/7117e64c-adcc-444d-addd-a68961621988?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/7117e64c-adcc-444d-addd-a68961621988?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/7117e64c-adcc-444d-addd-a68961621988?zcc=1&dspret=0&cb=1639480691343
  • https://sync.targeting.unrulymedia.com/csync/RX-b7966b2c-4575-445b-8305-fb4c20d3673a-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b7966b2c-4575-445b-8305-fb4c20d3673a-003
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:11 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-b7966b2c-4575-445b-8305-fb4c20d3673a-003
pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=lbeaBq8QVYi3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6bd707affbb1e59b-MAN
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=31239a3c-afe2-4397-9249-f3768415272b
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=31239a3c-afe2-4397-9249-f3768415272b
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707b3cd9c4dd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=31239a3c-afe2-4397-9249-f3768415272b
date
Tue, 14 Dec 2021 11:18:11 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
mw
mwzeom.zeotap.com/ 		95 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=lbeaBq8QVYi3&zpartnerid=1532&zdid=1532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 11:18:11 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://kenyannews.co.ke
access-control-allow-credentials
true
cf-ray
6bd707afdc4b3743-MXP
access-control-allow-headers
*
content-length
95
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=10bcfc87-1050-41bc-8235-e25a1f0cb960&ttl=1642072691
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=10bcfc87-1050-41bc-8235-e25a1f0cb960&ttl=1642072691
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707b09ff04dd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=10bcfc87-1050-41bc-8235-e25a1f0cb960&ttl=1642072691
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=pwn0KaUxGoR9innptL4S&pi=mgid&tc=1
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=pwn0KaUxGoR9innptL4S&pi=mgid&tc=1
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kenyannews.co.ke/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bd707b07f9c4dd6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=pwn0KaUxGoR9innptL4S&pi=mgid&tc=1
pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT, Tue, 14 Dec 2021 11:18:11 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4730 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
971bbbdac4633caf3f3ead10a418d5c506a62e71b3839e47a26c09747b623f7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 14 Dec 2021 11:18:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Dec 2021 17:06:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=82426
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9507
Expires
Wed, 15 Dec 2021 10:11:57 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4730 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
all
csm.eu.criteo.net/ Frame 4CD3 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AEPhMNn1_00CoziH8wNXDkba8aQl8JLPk-jmIy_Nyyn2YCvovLdOyhtrSmxctEbA4IRj0BP4EhsxfCOLh08w7HV47hQFF28jF-omB5LZKt5jlavJh5b36pptv4G29XfSOiLmkgtqmYbadzZ2f9qhIIpU_8Nl5i4cBfKXzEzqxkf4sGNRYjMsn_0FHdB_TdPMvERJ08anVtZglfHTMq3p4MROCMrwppYXlqNGqRzatd57xWTDqvBevl4EPKT0uT6A4yL4hw&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:10 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
csync
sync.adtelligent.com/ Frame 28BE 		0
0
all
csm.eu.criteo.net/ Frame 4D9A 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=snU4x9n1_00CoziHC-Gqn0FWx6k3U87M4DFQKX2ebloAuc6tH3v8NyV_gL2XCizkbEKNRRim8CMcIq5Iw15GkGb3Ncv8Y1Lu_Ua2Q1aqvZcf494uhUCYMEkYlWtPZWTHgnNN7CM7tRcjT6HfRceMbQnSEOyQXg4U9l-u9DwZrBEn93iGbkVgcq99PWPFZ9YTFWobumuMkWnkwHrH4L3R9z8RckSJHxlwK1Q-K8odWCCImE1zRCbgYvm1vftNP3n59kkq2A&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI2hsKhhTUAAkthz8gjxkglwU7kFr3kA&u=%7Cy9HeM6KK5KgDNOurWwkayR%2BCHsrVJjN5%2Boq9QAUUEPw%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7dgojBaVQbv-5QAxKix4WjsdvH1mMHrvdJROtkvWDhFQ2M-Uc4J5zTalOaHRmkXm3V5ZInPUFfQrRcw6YnC3XdMNxtiJOC1x0CJgyyT3RbTS2-Wdm0kmKypGPHpZlSg1a927oE5ly1AT2q5c0VRONraw6FU3zFEANQUxp2rOuuIT2Jj5d_K2ZOQGwZfFx9zT-rIXm-o1ywexkdu-ijwJPAgjW_toFxVuwBSDsUaRQmBf37kSMB_FCwe3t-1o-QmVGuOBklbPInlwvFTB5-jTyvfIfT-_ZaHBmIdPdG8_KZOLmNG8HH2Nux-C2w3nuRUbrzbVnNkgyUS1PrAN4ylxTjde02MAB699r5dJxDzXc-dxN8gEVDiIrDRKNHyIsur4uP0WScHvv77NCqb8Za75YhW8--m9r2AY5IIX_8L0CKrQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCh2CccX24YZu0I9SpmASH26TAC8me0rFczaOW93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAgQ2-ZZ96LI-qAMBqgT0Ak_QHChoB6C-OXLMIjH184tXEcZZz_xBghqhF-zoRAKm_h1JbNyTD_uxaDhgj0CoYlCp_oaQ7lGoYYkEjBtDx3gKPxG3g_PJgx3O36501EoQw4Crhqr-4ZBrYCdBWVFg-PkocGTAyiG_n1MJcLhtG-D2GiQIZkvn1I2aHnvk4zC44xfIXj9ystDYaXsk1tfnLjS1fBRqUQEAq-nZBLURQoNfVRnfnof-1UWLrY2Mmv9wcLkoICggVPyOTjtPtaTNYOMt_cHq2kGMz9ZlBseLWkkKwAsBx_NtkCgh0qwwI-h9V_epgvSfACxeReuc6M2qcMjvf4ohT6IAo70CelkYgnhryb7H1EAqZMbgY2ZG4XWPBfRGl0C5AR9dMT5v4I1-lWh_P0vYdqejcfczPxQZEkmVNz389Nj_KGtF7Eeu199xQ9_sW8-iYhNxjv8IBx2KCKFyR5A5sVeV30VQ_TU1KiCNDBH_ov03V53zBQTL2UGKAxQCTIAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1LqRkzPnWPwyWZfcbCvvat3UhOEw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:11 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame E3F8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvT9woEWAE9WwCzaxM809GOaSm3P0VKnKj6eiGMI9eReo-e9qUujulFz4Nnyo3AB8evOJMtIV-v4XrqCpl2TeJe5MKI3oGTmPAZGIZOM52oLkjR_4Q8-Q&sai=AMfl-YS0Y1do5-vb2v0U8rozg3ymo0GrNBvUwOOgiwvnXK33tRh9XIMihTmpSthTghm9mK_V68UNxHUIyAQt&sig=Cg0ArKJSzP0EbZDmnQV3EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=306,972,1001,1001,1001&tos=306,666,29,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639480690278&rpt=579&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4331 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlGu31yjg09tmRr0TWAfEtLVgmIMRmxh0SwoONiS9y9Ul3Z0_PoFf001UPDwDRDjEq1J06FQSLMh-034cqqDbLqgHYobQv6Ajn4n5X47W_xzM5bpzkAANmeleH8RoLaYz7ef2KM5eS3zp4&sai=AMfl-YTVmPB_9vpQHTnWHfDFJHkp2bjBBwJ2NQWgSZU5z6BwiM8W6B0SF4w5sfmCN-PCOV65sbJmSxN_E8ES7jgWo2mDwvRF04MdEho3DJx6UB_EecKa5Um-V40Tf2uk8qJ6&sig=Cg0ArKJSzMjKJ49jMo9EEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3204493625&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639480690727&rpt=161&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 14 Dec 2021 11:18:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 14FB 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=bxksw9n1_00CoziH63G_7jfFwLNqH2CpRTkMNI8fkN7voKoVBO6IZGOG5q5aCIV5XkgKafhLxRuRf5py_cIQQ-o-6o2NhGAk8KmuWTMhfymsE5MlM1TeVtIgT8LQdj4bjnC6L4KGBof4Dy_FHcvN-VfXi-bZfwAU0B9obZc4WSY0dam6AbXsjLu8qqqN3LIi2vcKqhFdgToeQ4aRCWrUngCPhNxjvYElTjS0a-MAiwUVIwdrEykqeu1wJBYZne-GsNwmWg&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAI6IcKhtHOAACbI6GhWwYHtwZkIbztWA&u=%7Cy9HeM6KK5KgsFVaycvWjxXH8vspGRltxQS8gACRBs1E%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs7rA1TQHWnwbM1EAYC5x9ZrYxbgBaDMRyKtqX5fkY9_DmC2_We6TQgXP7VLJFKcBvJR3HT-dnPjHAJ_6wiV5XUFY243TU1x7A0AFZBLxr01vPPbBEdnS3_0-1mDgLAUTagHVWkRIJpRVG1Twg04sw7Ju8pl7Je2XHpZidAgZVl_5sYcooWq91C4l_GbT0EbI3fmprQA4lTZbqkqJ7hyxAnNUF4-7xd6ALif1gP-orbiT5ADXnypiYUdOc2jrC_SFsfcYBfxKWMp4-dCPhcZsg-0QQey5l62OuFyrBqiKrX6TQQL0Caku6U-V-rb6m2IaDIaRk_msa0OQ3T70h-ywhrrnKuvdOmlPLyR8kNxPL-17bHPfp3t951-lD-5MdWuVDGSve5XvuwWLkVDmO5wuIfkq_uClixM8Zjqtpty1UBTVw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4EccX24YYfRI86jmwSjtoLwCcme0rFc9Z2Y93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAvZv6pNm6rI-qAMBqgT0Ak_QuqYed-y1OIEZwhJnOR6RZpITcV1pszLmhFPnqMnU9ru8GnkMAtbddhZHmVZ0B2TBFT8iBTb3_uuIEaRZB1XgvOUFleYiuUWz8E0ynt-hluTa77Iuxg81j7vjCleSoTgSK9MpivH7_pb0_Q_8UAmr2gO6ys6KGoed2F8Xl6tPG0zanHOEKslMfhDviF71n2LKMEFhzECeDqFRQYPjIPYW8bvyfSVjfyPAQ3D96ykMZEBi6mRYXYgUBuT5W60GNb6Mut_j4fLo6yibDxQp50BGBkyBZcnVOCf_FFAoB8ULAq-vILwFj75JkGaqZOlkxq4nuhXpM25UBrWWSWYRXph5SEy9A5VLCwKafXKxbA55g0_8f02vhwpKYJDNz__4bVlk7vjMgdg6mEH_SLtRp9NcAVH60sGCHIfnSD39Tw4_rBoRaVT0Bz8waLVNtlMVqtL-aFsETHP1XW-2GK-KwaU-7CUGKpyCOn3l2ncRgywkD48WX4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0ufvcVLSPxYAj613n7bYlwoOHDzQ%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:12 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 4CD3 		0
99 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AEPhMNn1_00CoziH8wNXDkba8aQl8JLPk-jmIy_Nyyn2YCvovLdOyhtrSmxctEbA4IRj0BP4EhsxfCOLh08w7HV47hQFF28jF-omB5LZKt5jlavJh5b36pptv4G29XfSOiLmkgtqmYbadzZ2f9qhIIpU_8Nl5i4cBfKXzEzqxkf4sGNRYjMsn_0FHdB_TdPMvERJ08anVtZglfHTMq3p4MROCMrwppYXlqNGqRzatd57xWTDqvBevl4EPKT0uT6A4yL4hw&sds=2&rev=79757.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ybh9cQAHFaUKhoqaAAPTBiPo__poSaMAy0MRDw&u=%7Cy9HeM6KK5KhLystljTrzVtuH%2B0YwaXh5ejP%2FFADVed0%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqAW779B9F1MidQOlbsk0X0Xy7tNshgribcxVRhw6kGV_cGxtwDSrFBxfJD-12ENTs61fhsas9fWDRguzH22Ibh-BRv2_s7mQggQ3Aje0i82H7SUgBEDTDAUmSJF448kIBLwed8dYV1uuweoG8nyX__GeXG-wMHZSpb4_bPZ6nVapo_7yo-rj1dE0o4g5y42V_oivsFQ6vMnywQzg1dFXOHyaMzBjoXGdGZUbx4XScLJ_vD-gESfZVpD5xClSvdUSOtHxvK-np4x6LvIE67DDBsUwWyJmDWoXHdl4t0JCnrDxKvZwSWZ4wsB7Lo6hR0hSJ8gXzBIyl21AhRKuzkKUfXaVz-_nTObZPC3rp_XpJYpnmpGEc_76Wg0FTyERBJKCcvCTItyTDkkLVyzFSSel6h3KufLh3uN4UvFGwBAQSwo7_IbSPbgKOKYSd8pLFUDMaH3Y49o3fdQb0jbdQkXS87uwCHgpxTs2dIIvKKmoEIUHQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC45BJcX24YaWrHJqVmgSGpo-ABcme0rFcvY6X93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItMzI2NDI0NzQ4NzczNDc5MaAB1bbS6gPIAQmpAqQFQCx-67I-qAMBqgTuAk_QW2oBuAHJ8CAltheZU40u9Z0x5jY-Zn3Eu-GYJ8-QMyWAbuBZmGVdDRadZGbaJkuErlcjdq1a5r7UA6UffFbzYzDd1a6SvnmlIRs-xd76_gdtGIWi42eV2RPSaxiRcADqNV-yEbxxWvxPysZC1rknqKydOsdO5kphbnuzJAo2bTGEupZA7eH-Jel-bbtXwPRBOfPdQ_YzJz1m-nvrVpFCX-_jGrvJLC1O4K7iGCguthH78UjGh4o0YgUNWoT9aa1TzFBDLak9T1L6b5cKGpjiTriMkPaXvyZSqfqyPlKD3lhA0olY0y6H_iIyhBEAXCPuz8OFNZgRKcS9r_VTIfvcbGVvDwun2YYzKJxAyJK3P-2c1s4Ux1_l-rgYVyYHYJwU8QJPJB4wNtcwLhcAON49hC_VUJItw8XXyDg1E0rIMQOqcHKo7v-HR0ELwt8qSwaDHMYvrZV48lvxDoMRJx7vkLwq2a63eBJMBhQUd4AG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1kNLHQIDC8g4gCQ4wLPsmQBWMTIw%26client%3Dca-pub-3264247487734791%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 14 Dec 2021 11:18:14 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| __cfQR object| __cfBeacon object| google_tag_data object| gaplugins object| related_posts_js_options undefined| $ function| jQuery function| gtag object| dataLayer object| tdb_globals object| tdwGlobal object| tdaGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce string| tdsDateFormat object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| AMP object| WowzaPlayer object| $wp number| google_lpabyc object| block_tdi_80 object| block_tdi_89 object| gaGlobal object| gaData string| google_user_agent_client_hint function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| WPGroHo function| _ function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady object| _mgIntExchangeNews object| MarketGidInfC177625 function| MarketGidCContextBlock177625 function| MarketGidCMainBlock177625 function| MarketGidCInternalExchangeBlock177625 function| MarketGidCRejectBlock177625 function| MarketGidCCriteoBlock177625 function| MarketGidCInternalExchangeLoggerBlock177625 function| MarketGidCObserverBlock177625 function| MarketGidCSendDimensionsBlock177625 function| MarketGidCRtbBlock177625 function| MarketGidCIframeSizeChangerBlock177625 function| MarketGidCContentPreviewBlock177625 function| MarketGidCResponsiveBlock177625 boolean| mg_loaded_291606_177625 object| addComment object| jetpackLazyImagesL10n undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| wp object| fifuImageVars function| addHoverEffect function| cropImage function| isValidImgClass function| disableClick function| disableLink function| fifu_fix_gallery_height object| _stq boolean| __cfRLUnblockHandlers function| st_go function| linktracker_init object| wpcom string| hash string| new_css function| date object| GoogleGcLKhOms object| google_image_requests object| googletag object| onClickExcludes function| mgReject177625 function| mgLoadAds177625 function| MarketGidCReject177625 function| MarketGidLoadGoods177625 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| google_llp string| _mgCanonicalUri boolean| _mgPageViewEndPoint291606 string| _mgPvid boolean| _mgPageView291606 function| LoadCriteoAllPlaces177625 boolean| i.js.loaded boolean| i-noref.js.loaded

35 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: C.HeGB0AmYzzL_a27_tfDyVmjgDwo98QlxU5gOQKibI-1639480688-0-ASgmlx7DrrzdVVxxtD8ZLXn+gSykCrGQDO4vXUs6excQmohS1NzwIsAsR/y9k2f5PIXJFj0fhZoS/EBmCEl5SZo=
.kenyannews.co.ke/ Name: _ga
Value: GA1.3.962221062.1639480689
.kenyannews.co.ke/ Name: _gid
Value: GA1.3.1721716754.1639480689
.kenyannews.co.ke/ Name: _gat_gtag_UA_92634106_1
Value: 1
.kenyannews.co.ke/ Name: __gads
Value: ID=cb9244dcb49fe4cd-22c33b3c07cd0063:T=1639480689:RT=1639480689:S=ALNI_MZ1yMx_JjNjmwFyikVQlMvg3_wHVA
.doubleclick.net/ Name: IDE
Value: AHWqTUmo7CaVx7Qa7JuCBGBtdPUpWUjo9ul2X9Ww6MQgSdIfQJlp7C72oFs5Fu5vbac
.mgid.com/ Name: muidn
Value: lbeaBq8QVYi3
servicer.mgid.com/ Name: __mglb
Value: ed02bb11b748a9279413c1eb8e47c448
.doubleclick.net/ Name: DSID
Value: NO_DATA
kenyannews.co.ke/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C177625%22%3A%7B%22page%22%3A1%2C%22time%22%3A1639480690821%7D%7D
.e-volution.ai/ Name: v_usr
Value: c05be46b-f219-4986-aff5-81cd2158fa93
.zeotap.com/ Name: zc
Value: 4555d5bb-6cde-4ea3-5ecc-2363da3394da
.bidswitch.net/ Name: c
Value: 1639480691
.bidswitch.net/ Name: tuuid_lu
Value: 1639480691
.bidswitch.net/ Name: tuuid
Value: 7117e64c-adcc-444d-addd-a68961621988
.360yield.com/ Name: tuuid
Value: 191cb042-85a1-48ac-87c9-2d55dfccd142
.360yield.com/ Name: tuuid_lu
Value: 1639480691
.adsrvr.org/ Name: TDID
Value: 10bcfc87-1050-41bc-8235-e25a1f0cb960
.creativecdn.com/ Name: u
Value: pwn0KaUxGoR9innptL4S
.creativecdn.com/ Name: ts
Value: 1639480691
.smartadserver.com/ Name: pid
Value: 4043782262874785519
.lentainform.com/ Name: muidn
Value: lbeaBq8QVYi3
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiek7nPxL-fOhAFOAE.
.idealmedia.io/ Name: muidn
Value: lbeaBq8QVYi3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b7966b2c-4575-445b-8305-fb4c20d3673a-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b7966b2c-4575-445b-8305-fb4c20d3673a-003%22%7D
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: f4cf888f-d512-535c-b6c9-9581d771e8f2
.betweendigital.com/ Name: ss
Value: 1
.mfadsrvr.com/ Name: tuuid
Value: 31239a3c-afe2-4397-9249-f3768415272b
.mfadsrvr.com/ Name: c
Value: 1639480691
.mfadsrvr.com/ Name: tuuid_lu
Value: 1639480691
.betweendigital.com/ Name: ut
Value: Ybh9cwAJVqAaK7im2dcKK9IP6kpli2swwGr2mA==
.mfadsrvr.com/ Name: ssh
Value: !mgid,1639480691
cm.mgid.com/ Name: mg_sync
Value: {"287839":1639480691,"371158":1639480691}

2 Console Messages

Source Level URL
Text
javascript warning URL: https://kenyannews.co.ke/technology/tech-news/chrome-update-fixes-zero-day-crashes-exploited-by-cybercriminals/?feed_id=62329\u0026_unique_id=618adad98c116
Message:
The resource https://kenyannews.co.ke/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-3264247487734791&fa=1&ifi=9&uci=a!9&btvi=5
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
c.mgid.com
c0.wp.com
cat.fr.eu.criteo.com
cdn.ampproject.org
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
csm.eu.criteo.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.mgid.com
kenyannews.co.ke
match.adsrvr.org
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pixel.wp.com
player.wowza.com
rtb-usw.mfadsrvr.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s-img.mgid.com
s.adtelligent.com
secure-assets.rubiconproject.com
secure.gravatar.com
servicer.mgid.com
ssbsync.smartadserver.com
static.cloudflareinsights.com
static.criteo.net
stats.wp.com
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
sync.targeting.unrulymedia.com
t.ctcdn.com.br
token.rubiconproject.com
tpc.googlesyndication.com
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
sync.adtelligent.com
104.16.199.73
104.19.132.78
104.19.217.61
109.206.161.21
13.35.253.122
142.250.185.66
178.250.0.160
178.250.2.150
18.194.61.148
185.184.8.65
185.86.137.108
192.0.76.3
192.0.77.37
213.19.147.45
216.58.212.162
23.79.143.124
2606:4700:10::6816:1857
2606:4700:20::681a:b3a
2606:4700:3031::ac43:ae46
2606:4700::6810:125e
2606:4700::6810:5f41
2a00:1450:4001:808::2002
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a02:2638:1::2
2a02:2638::18
2a02:2638::2
2a02:2638::3
2a04:fa87:fffe::c000:4902
2a0c:5c81:5095:0:225:90ff:fefa:245d
35.212.212.222
52.215.211.56
52.223.40.198
69.173.144.138
69.173.144.165
96.46.186.57
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
09082651663ea8b53e73a117b32b344ed71a0e004c3de7cae6cc977b5ecf77c7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a559b157031fdbcf640109188149715978cfa0572fe5135b89879900b849193
0e7088c707941d170c9345ce3004dec27cf3fe8e57088ba398ead8086f2b2583
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
132ac79b15c69fc280701668d70cdce70ee9fe922f53e9b80c5db71e52ae94ab
1340b114e2e57f453b6ec2cce518bb4bddba6544877b4ac5e51b3abb43477fa7
143a36854eac413e4928b490214378642b552e5bd3a054b4584704c3d8d237d3
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d
1b1d8650c9ac8fe5a857a1a4beb1d0f5a3835fbeade24cafbf51715e0dc3d450
1c4b6f3b40d894260370868650fb4f85f2f0c9ac689d804996e63f8c5c649198
1c8ebd05f93e55a6a3cf12d66af84b3b2638c789fc520b3781c6746a5fc786c6
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
2256c9e5605323f852f232fd6819a02cf2cac3e04c84299e19efe83037fd8cda
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
29253cda2582cf73f729b9d120deec4f4ab871a1ef09b653860eea774437439d
2a4e9b3f33edb851ba930430bdbf317a3b95e0974763617d68ec0b555a3bb8fe
2bacd4862bf24588d42d06474ecdc3e23e1425551a0572a11ce01b444e55fef3
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31c5c1a87fd5a19e20de99f7519c6d5775eec7bfac799f8442ff46b107ab2a8b
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
349cee4aea2c55f08490f7bdd4d282db6310834612f601c49e8e7eaaa7ad3df8
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40fca43f3ef3ce5c071f3fe6159a3bf0b81ed06609bab0c3fe0c13c53d3c248f
413594b929f42d9b6d4b708f63ce135f83c07acb1e907c4f1ee6dfcfc8c825ca
41f8138a489bc1f75f88590f9b079005867ea33a30d0dd6582c29eda7b5f53ac
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51205131e238bfb5058db50bd6dc194a798723838990b3e0731b189b46730389
53a64940acb60122ea7b59aa99f8d5271e5cbe0e43b92568715b653754dbd6f1
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ff29dc26379acb0cc580deaf31ff37f868c08e614bcabe2d18c125567b858f
551c4efc082fb801786e0fa1f67a5d0c5a2840b72374e3e475d53226e2e54928
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5a491af5828737cb6a41482ff4aaa729f6cc7a64f0d3d8c67598ac7cb08a1699
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf0a170ae91f1bb8d0c94381a74ab8b85f938bf31bf18a9c8e3b835250d3be6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce7cbc14a1cef2ad4f08e3837ed18342f0ad8748f92a6bf37e7fccede7cf573
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dc2394c7c507cd2128b6720546a5d79cb0df8f7129dbeb8645a0dd5b5ed2edc
5e4c2fe51c3cfa79eea63764ca2c0e50e93a2f1687d2320154bff9ac129abf02
5f0fad378d47df32231df6c6baf929d898f896d07e7b71da0ef2168894963f7e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cb35133865eac473826f95c6a9d64ff1fa3da71403ea4f1981e5de9bcd69bd
67f565f25c1bb8ae629cfca60c71766232073a0c905e0387e45895657b4ae3e7
692d5bfbe20a07e4a335e0901666ce693c3ff7a515ba8f0373695edf1e77a07d
6a416a4fda4f828803796ae2dcc0c09af99f0d2af2be3ac8060e79141b44d39e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9425dd2a9ef78ff5ea9bd57770c44cc7478c0a0d9d7c6e2bec412264bbb3d0
6f85c9d31fe1d4507538cd8023f041b3e97db23423f2cafc8a005abed0eaa123
732bea30eac1f61fbfedf91a865b87690ae3efd917510bdc00c9e01484b9e899
73e19401707d030422213eacea81ed13ef140752da1382a534e2e52385425e02
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
75589164e5e2ec0ba396fab17bace54684ea14390ba8dc9821c1105397543815
756baabf1f5060efcd9a768219b078854c7e9b9752e466a39560ba3fc52f445d
77113f37f31c9049b9213badb3e914b53e15623e2ed3b339f017fc25ab724e19
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
82fd84c4ac4b61c0e75753a8d8d76a2246b951351b9b936d2959a44ca04809af
8431d898c5e71364dabb03d7c265b2eb587199c5cd438a1f83f986387180033d
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ac52e97d7606485f749710e5b28521d2968c75035e845c060228303efe2ae1c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90931b70bd659f14792b02d664eddbea5dd7dda5c1f70f31e4be330f84cf3dd6
90a1c1da264b4fbd90ce683b419e900f8652c3e25434587405084564b9d304b8
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
93a246a5b7d6843a6272664b54d6ddaad8d66a7ddd94162a03140d6d7eea147c
96a54265b9435aa1d8d35ae1e1a6734ad8fabe3da02b7621221a884a92947693
971bbbdac4633caf3f3ead10a418d5c506a62e71b3839e47a26c09747b623f7e
9900b23f9f49af5f34387eb63a8673a563ab131c1e171cfaf14cf8b67a466b9d
99103326019d3c08da056b3b99f984f4db78f796c3f84621f45a501b6f35f04a
9b69a48f6a6b7ac2869d295efb34fe1ec60104934e3c9d8f0d6096e53bab712d
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9edfce0dac6ab21d26a4f721df56a5d766ca603980fcc186fbca93d27a382806
9fb26ec2bd951c707c2c5a32ce4437082246c5e1fd0cb1ef6d56606d76c925f6
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5442291e1c921abc633723ad82232f8388cde8206a5e27148d5904b08c7462b
a57d1ca5b5f3b1cc5c27b6614572a96b4f5871ac2a8b0b15b318c7cf1b5fa31b
a63b2043b4dd3295ffd0e0f5b722489021475975ebe1e083001b65aa878a0948
a6e9c02837fc4e15d5f6940b514eb5c52f7a752cdbb05862097e7239ad7366a3
a6f6ef1618bca7601d9f577e7153748d83203d79cc5966dc2acaaa27a05ba06e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8543fd815b5a4bc0852ebce5520090ca6af420e10569c8a60813932e57fc863
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ace3222449d8d8dda2599cf1084e130d4de8deb33213ebfd83eac43c5c696ecb
b0d18d8068cf5c16db5da75e9cbc4bb01b5b4aae8d4e9a3bfe6150ab4793a7c5
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b3d35e6ba90b7cde87180c72195f39051a7e1399c8e4abf03e2ba9d3657a1588
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b761282cad825ce409c7a28e06bec96ffa2148e86779b338ea4b4e019b5b4c36
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc7731959f24eb86dc0127adfa88c91e71d68b5a0c958dae09aab1b34438256c
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bedcc92fa96a1549eec70158c56437af620ad5562b61b64bbf86dfc8bb30dec5
bf6b19125f81d97d9e4c1942d346d7eefab7e9fc0a776f4b6ebe543705de62ae
c0ab4c5b5cc17b0c2e2ede197ba5d9c5f3f1a21ddc991791b5e32690eda15e7b
c29ad9e302d80291cac583c6a954c1c70ab8e7faeb52444253dc5256ac8326b9
c9014ee6897319c5e49dc96cfe8137b7e6ec3e90d87729c80b7c77496f846de7
c905dc3dce158245ad7d9e6a4b7e80d45f6ef9d6f26f324bf5fdb8ad405d54df
c913465d4c4fb102564e6d51ce1f34897846beebb4e1bbc387c64586c60d7784
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd911729403decd6e3b74702fdc4d2c1b1e3ecf35a147f7e5373669932cc708
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cddfac6c13eab61808fa97904a93ef656603027d26e2e3edc708dd1ab434f11b
ce456371f2f83e24a2bc75f3ab6f2c817ae2a424390275faa9655fa504dbd81a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d68886e9024a07c1984e876c26fd176de5dcdfe9ccbac1e0fa3385ca4ca11e20
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a
daaaf6125d2a5793af3a12215de15d7ffbc503388fb0a7c6a782f86d0190d198
dc38b872bf4c61d8eec999705110f061626246653b6daf4e97724420f2eb27ca
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df33d216bb5bc957beef58887a9b29d677241f5293c75088786eb4449bc79f76
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e11358f81905fda56213119d8d9a1076ec679d26ad3f9ad82c0091024a7a1408
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e1e550140fb6da0432e57a185837b6f87aa38ccd3fe384ebc3905c88a83eef44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ae14082f4d2088f2bcc4f8e3da3955343dd1e39e0a5f9333c45d6428c3cfc5
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
ed2445b3c0d2b8bc8e435533ea568673d8756b59c298e2d8494e84f97ae7703e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4360d923f52cd96a84b3831fa1f19dc2420a3a36108c2335f600d491ca349ce
f46934566f00ac67de155a66ab6a4a8e573046f71ec20e05203ca10c416e9f82
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5bbc92540bc7a12de294ba16a81781404cd7a294f9b7f271ed476c42364c5c5
faa19f2ac3bae703cbad3a24e7ed3b4ed88e2af435eb2b099b528e8d760a72c7
fc378232f9dad500890aa9e0bdd030a53d2f317d517393a3b91400b4ddce4c7c
fc37bb6b7d279b0fdcb1a3bdec761cce370adf0ecc88010ccb4ebc76a5a54444
fcac404183c59f1947d7e599e01c830ab790f220f0f40529f4aa71b3d7a30e26
fde7a79194bcf0345b3641642515ca383fe4980971fcbe2aba27420cd05cb7f4
ff46f5af26331fcfc5012cf7166c01cc1113691bbbf90855424600ebbd5d3f63
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914