safaricom.zerod.live Open in urlscan Pro
91.241.94.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://safaricom.zerod.live/
Effective URL:
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3...
Submission: On April 24 via manual (April 24th 2022, 9:16:12 pm UTC) from NG — Scanned from DE

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 84 HTTP transactions. The main IP is 91.241.94.160, located in Greece and belongs to UPSTREAM-AS Greece, GR. The main domain is safaricom.zerod.live.

This is the only time safaricom.zerod.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 27	91.241.94.160 91.241.94.160	49582 (UPSTREAM-...) (UPSTREAM-AS Greece)
1	196.201.213.123 196.201.213.123	33771 (SAFARICOM...) (SAFARICOM-LIMITED)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14d6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	37.157.6.242 37.157.6.242	() ()
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.33.221.88 185.33.221.88	() ()
1	185.86.137.113 185.86.137.113	() ()
1	143.204.98.2 143.204.98.2	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
14	2a00:1450:400... 2a00:1450:4001:801::2002	() ()
2	151.101.129.108 151.101.129.108	() ()
8	185.33.220.145 185.33.220.145	() ()
4	2a00:1450:400... 2a00:1450:4001:811::2003	() ()
2	2a00:1450:400... 2a00:1450:4001:811::200a	() ()
10	2a00:1450:400... 2a00:1450:4001:813::2001	() ()
2	2a00:1450:400... 2a00:1450:4001:82b::2002	() ()
4	2a00:1450:400... 2a00:1450:4001:803::2003	() ()
1 1	2a00:1450:400... 2a00:1450:4001:829::2004	() ()
84	21

27 91.241.94.160 (Greece) 6 redirects

ASN49582 (UPSTREAM-AS Greece, GR)

safaricom.zerod.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 196.201.213.123 (Nairobi, Kenya)

ASN33771 (SAFARICOM-LIMITED, KE)
PTR: 196-201.213-123.safaricom.co.ke

header.safaricombeats.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f7::5c7b:e121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.projectagora-adtag-library.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.242 (None, )

ASN- ()

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.88 (None, )

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.113 (None, )

ASN- ()

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-2.fra50.r.cloudfront.net

cdn.kdaimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:801::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (None, )

ASN- ()

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.220.145 (None, )

ASN- ()

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	zerod.live 6 redirects safaricom.zerod.live	361 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	116 KB
14	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 394 ib.adnxs.com cdn.adnxs.com ams1-ib.adnxs.com	93 KB
10	doubleclick.net googleads.g.doubleclick.net	88 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	115 KB
2	googletagservices.com www.googletagservices.com	73 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1792	24 KB
2	adform.net adx.adform.net	412 B
2	projectagora-adtag-library.com cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 43492	131 KB
2	projectagoraservices.com ads.projectagoraservices.com — Cisco Umbrella Rank: 24267	8 KB
1	google.com 1 redirects www.google.com	299 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 778	366 B
1	kdaimo.com cdn.kdaimo.com — Cisco Umbrella Rank: 40341	3 KB
1	smartadserver.com prg.smartadserver.com	341 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	2 KB
1	safaricombeats.co.ke header.safaricombeats.co.ke	945 B
84	17

	Domain	Requested by
27	safaricom.zerod.live	6 redirects safaricom.zerod.live
10	tpc.googlesyndication.com	googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	cdn.projectagora-adtag-library.com googleads.g.doubleclick.net
8	ams1-ib.adnxs.com	cdn.projectagora-adtag-library.com safaricom.zerod.live cdn.adnxs.com
4	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	pagead2.googlesyndication.com	cdn.projectagora-adtag-library.com safaricom.zerod.live googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	cdn.adnxs.com	cdn.projectagora-adtag-library.com
2	ib.adnxs.com	cdn.projectagora-adtag-library.com
2	script.4dex.io	cdn.projectagora-adtag-library.com script.4dex.io
2	adx.adform.net	cdn.projectagora-adtag-library.com
2	cdn.projectagora-adtag-library.com	ads.projectagoraservices.com cdn.projectagora-adtag-library.com
2	secure.adnxs.com
2	ads.projectagoraservices.com	safaricom.zerod.live
1	www.google.com	1 redirects
1	onetag-sys.com	cdn.projectagora-adtag-library.com
1	cdn.kdaimo.com	cdn.projectagora-adtag-library.com
1	prg.smartadserver.com	cdn.projectagora-adtag-library.com
1	cdn.jsdelivr.net	cdn.projectagora-adtag-library.com
1	header.safaricombeats.co.ke	safaricom.zerod.live
84	22

This site contains no links.

Subject Issuer	Validity	Valid
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
cdn.projectagora-adtag-library.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.kdaimo.com Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Frame ID: 6AA6558E0DEB5888347404E4975C3B2E
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 7082CAAAF47E3063782834CF5DF2422C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 3A95C298D1999304DE571D8EFE5B4A07
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 25E15E0FEDE9154BCA4A92ED602B0517
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: F0ED39A1158B3C2818B739C281483F42
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A702439E0845A60C97803CD34FD7F51
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Frame ID: 7CC5C7AD2AD4260D22612CD5DB4256DB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Frame ID: 119BA2B594F2545CBC955D8F34F628F8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZeroD - Always ON

Page URL History Show full URLs

http://safaricom.zerod.live/ HTTP 301
http://safaricom.zerod.live/zerod-web/r/landing/ HTTP 302
http://safaricom.zerod.live/zerod-web/e/landing Page URL
http://safaricom.zerod.live/zerod-web/r/landing2?id=&beatserr=821 HTTP 302
http://safaricom.zerod.live/zerod-web/a/token?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2... HTTP 302
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

84
Requests

71 %
HTTPS

52 %
IPv6

17
Domains

22
Subdomains

21
IPs

6
Countries

1014 kB
Transfer

2031 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://safaricom.zerod.live/ HTTP 301
http://safaricom.zerod.live/zerod-web/r/landing/ HTTP 302
http://safaricom.zerod.live/zerod-web/e/landing Page URL
http://safaricom.zerod.live/zerod-web/r/landing2?id=&beatserr=821 HTTP 302
http://safaricom.zerod.live/zerod-web/a/token?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821 HTTP 302
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://safaricom.zerod.live/ HTTP 301
http://safaricom.zerod.live/zerod-web/r/landing/ HTTP 302
http://safaricom.zerod.live/zerod-web/e/landing

Request Chain 2

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345 HTTP 302
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Request Chain 10

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345 HTTP 302
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

84 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

landing Show response
safaricom.zerod.live/zerod-web/e/
Redirect Chain

http://safaricom.zerod.live/
http://safaricom.zerod.live/zerod-web/r/landing/?
http://safaricom.zerod.live/zerod-web/e/landing

4 KB
2 KB

85ms
84ms

Document
text/html

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

f871945d47ccc8d1218b233a1f58379d7722f365b9ce9bc7d0019496d03503aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Sun, 24 Apr 2022 21:16:06 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: de-DE
Content-Length: 0
Date: Sun, 24 Apr 2022 21:16:06 GMT
Expires: 0
Location: http://safaricom.zerod.live/zerod-web/e/landing
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 style.css
safaricom.zerod.live/zerod-web/resources/ 31 KB
8 KB 62ms
62ms Stylesheet
text/css 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/zerod-web/resources/style.css
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: df43cf209813fae4d5c5825f999486ff9ae500e75c66e97a5e68c690fea69081

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Apr 2022 21:16:06 GMT
Cache-Control: max-age=600
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1

200

fetch Show response
safaricom.zerod.live/data-rewards/api/v1/resource/
Redirect Chain

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

116 KB
117 KB

66ms
65ms

Script
application/javascript

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

824d720c6405a229043f7457b4d7ddcf5f8cbb84625c6fa23d60f1bf21578faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:06 GMT
X-Content-Type-Options: nosniff
ETag: "invocate-ad-0.1.361.js"
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Range: bytes 0-119235/119236
Content-Disposition: inline;filename="invocate-ad-0.1.361.js"
Connection: keep-alive
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 119236
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60
Expires: 1650834967329600000

Redirect headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:06 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Location: ./fetch?name=invocate-ad-0.1.361.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60

GET
H/1.1 200
OK forward
safaricom.zerod.live/ga-proxy/ 39 B
39 B 137ms
136ms Image
text/plain 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/ga-proxy/forward?v=1&_v=j66&t=pageview&_s=1&dl=/zerod-web/e/landing&je=0&_u=IEBAAEAB~&cid=unknown&tid=UA-147729356-1&_r=1
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:07 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0

GET
H/1.1 200 pixel
safaricom.zerod.live/zerod-core/api/v1/event/log/ 42 B
455 B 99ms
99ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/event/log/pixel?type=PAGEVIEW&url=/zerod-web/e/landing&metadata=

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:07 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 1 KB
1 KB 64ms
63ms Image
image/png 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=logo-default.png

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

8d591022363d0eb71a769805939c4d2bdb37b67671703871e00fb41cc97e653d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:07 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1167
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 2 KB
2 KB 65ms
64ms Image
image/png 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=mno-logo-h.png

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

9cab404a239f93927c6c6cc6c16679e07751758068231cc53b5aba5acb8210c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:07 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1902
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 87 KB
87 KB 66ms
66ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=KSZspinner.gif

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

1b8fc659321ea327b1cdf963a29b1c0d333f0a31bd1b87c55ace5d3d4c776d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:07 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 88632
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
header.safaricombeats.co.ke/ 432 B
945 B 673ms
177ms XHR
text/xml 196.201.213.123
SAFARICOM-LIMITED

General

Check archive.org

Show headers Download Go to

Full URL: http://header.safaricombeats.co.ke/
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing
Protocol: HTTP/1.1
Server: 196.201.213.123 Nairobi, Kenya, ASN33771 (SAFARICOM-LIMITED, KE),
Reverse DNS: 196-201.213-123.safaricom.co.ke
Software: Web Server / PHP/8.0.7
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:08 GMT
Server: Web Server
X-Powered-By: PHP/8.0.7
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1286082693", dtTao;desc="1"
Connection: Keep-Alive
Timing-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Content-Length: 432

GET
H/1.1

200

Primary Request switch_to_data Show response
safaricom.zerod.live/zerod-web/e/
Redirect Chain

http://safaricom.zerod.live/zerod-web/r/landing2?id=&beatserr=821
http://safaricom.zerod.live/zerod-web/a/token?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603

3 KB
2 KB

99ms
98ms

Document
text/html

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

4530f488cda1bb6ed862f31e18b067ba3f04336f1a1a2314f4d5ef2888a61ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://safaricom.zerod.live/zerod-web/e/landing
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Sun, 24 Apr 2022 21:16:07 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Sun, 24 Apr 2022 21:16:07 GMT
Expires: 0
Location: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 style.css
safaricom.zerod.live/zerod-web/resources/ 31 KB
8 KB 67ms
67ms Stylesheet
text/css 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/zerod-web/resources/style.css
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: df43cf209813fae4d5c5825f999486ff9ae500e75c66e97a5e68c690fea69081

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Apr 2022 21:16:07 GMT
Cache-Control: max-age=600
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1

200

fetch Show response
safaricom.zerod.live/data-rewards/api/v1/resource/
Redirect Chain

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

116 KB
117 KB

65ms
64ms

Script
application/javascript

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

824d720c6405a229043f7457b4d7ddcf5f8cbb84625c6fa23d60f1bf21578faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:08 GMT
X-Content-Type-Options: nosniff
ETag: "invocate-ad-0.1.361.js"
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Range: bytes 0-119235/119236
Content-Disposition: inline;filename="invocate-ad-0.1.361.js"
Connection: keep-alive
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 119236
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60
Expires: 1650834968637600000

Redirect headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Location: ./fetch?name=invocate-ad-0.1.361.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60

GET
H/1.1 200
OK forward
safaricom.zerod.live/ga-proxy/ 39 B
39 B 1821ms
1763ms Image
text/plain 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/ga-proxy/forward?v=1&_v=j66&t=pageview&_s=1&dl=/zerod-web/e/switch_to_data?origin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26beatserr%3D821%26code%3D603&je=0&_u=IEBAAEAB~&cid=0f8dbaaf-b2de-4d52-8c70-ccb7a259179a&tid=UA-147729356-1&_r=1
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:09 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0

GET
H/1.1 200 pixel
safaricom.zerod.live/zerod-core/api/v1/event/log/ 42 B
455 B 152ms
93ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/event/log/pixel?type=PAGEVIEW&url=/zerod-web/e/switch_to_data?origin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&metadata=

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 3 KB
4 KB 126ms
67ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=logo-default.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

d8cd910002cc957350dfc2bab7d2aaf9a51597aac51aaa036929a147dba5c014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 3314
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 1 KB
2 KB 124ms
65ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=wifi-off.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

912fba92be2e04c0069d92bf1450d896425ee4a2491c930a2632ddb761642e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1429
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 878 B
1 KB 68ms
67ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=switch-arrow.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

b4afe8fb8c912a034e0d39380f91bacde77ca02c22527ad8e3933fb6e4835968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 878
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 1 KB
2 KB 71ms
68ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=data.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

2d94e7d84f6cceab3387efe1f9e97bb88ae9f705892baab21b4181c9a7804be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1206
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK asyncjs.php Show response
safaricom.zerod.live/www/delivery/ 4 KB
3 KB 118ms
115ms Script
text/javascript 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 51567fa9aed529afecdac846ddf4897271cd94aeab45c4e992dbe20339814882

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:08 GMT
Content-Encoding: gzip
P3P: CP="CUR ADM OUR NOR STA NID"
ETag: 6567aac3aa5b505592b1d50e7d53718c
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Expire: Sun, 24 Apr 2022 22:16:08 GMT

GET
H/1.1 200
OK asyncspc.php Show response
safaricom.zerod.live/www/delivery/ 2 KB
1 KB 126ms
126ms XHR
application/json 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/www/delivery/asyncspc.php?zones=8527%7C8528&prefix=revive-0-&loc=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&referer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Flanding
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 44ab7537c8654b947626f8735fb7a8c99f250dbe3358b0d92dd4b3ae3020dc14

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK / Show response
ads.projectagoraservices.com/ 12 KB
4 KB 72ms
29ms Script
application/javascript 2a02:26f0:3500:11::215:14d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.projectagoraservices.com/?id=17499
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:11::215:14d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d78a070d2001440115e55d8a881b9df8530b0de2b2dd116af1b02f30d40685bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3846
Expires: Sun, 24 Apr 2022 21:16:10 GMT

GET
H/1.1 200
OK / Show response
ads.projectagoraservices.com/ 12 KB
4 KB 71ms
28ms Script
application/javascript 2a02:26f0:3500:11::215:14d6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.projectagoraservices.com/?id=16277
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:11::215:14d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f0ea41c6ebc4bfb9f3dbe0129097640f019f2ef833ae46b715a95ae8ddb44409

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3901
Expires: Sun, 24 Apr 2022 21:16:10 GMT

GET
H/1.1 200
OK lg.php
safaricom.zerod.live/www/delivery/ 43 B
722 B 110ms
110ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/www/delivery/lg.php?bannerid=83140&campaignid=14123&zoneid=8527&loc=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&referer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Flanding&cb=3bbe679136
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK imptr
secure.adnxs.com/ 43 B
693 B 75ms
33ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/imptr?id=63057&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:10 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ae5db421-67e4-4aee-88be-aa1bd6384154
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK lg.php
safaricom.zerod.live/www/delivery/ 43 B
722 B 111ms
111ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/www/delivery/lg.php?bannerid=83275&campaignid=14123&zoneid=8528&loc=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&referer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Flanding&cb=20d5ea6b9e
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK imptr
secure.adnxs.com/ 43 B
693 B 56ms
14ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/imptr?id=63056&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:10 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2d43ab50-db64-4bb7-9bfc-f255d21ae52d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pav2_6.6.3eca5d0.min.js Show response
cdn.projectagora-adtag-library.com/adtag6-6/ 33 KB
8 KB 50ms
9ms Script
text/javascript 2a02:26f0:f7::5c7b:e121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/adtag6-6/pav2_6.6.3eca5d0.min.js
Requested by: Host: ads.projectagoraservices.com
URL: http://ads.projectagoraservices.com/?id=16277
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1077b4e81880c532ec050485f90b6a4d6c7696feec3eb753a8832b13a0ed5577

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:16:10 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 11:01:20 GMT
server: UploadServer
etag: "fb429cf2eb5cd2805daa316a36097148"
vary: Accept-Encoding
x-goog-hash: crc32c=DUZ9ZA==, md5=+0Kc8utc0oBdqjFqNglxSA==
content-type: text/javascript
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
cache-control: private, max-age=86400
x-amz-meta-
accept-ranges: bytes
x-guploader-uploadid: ADPycdu9uO6TpO57Fb6r1b_l0XbIHV2J1CDzRbmNY1ppmASBXDBKmW7DUvuHJPvFQb4jJ59zp2eUtwAbApyr8g2uX3EA
content-length: 7874

GET
H2 200 prebid.6-6.js Show response
cdn.projectagora-adtag-library.com/prebid6-6/latest/ 396 KB
122 KB 8ms
8ms Script
text/javascript 2a02:26f0:f7::5c7b:e121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag6-6/pav2_6.6.3eca5d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e6a2a41ceb893488e65f890b785daab9830ee269b8933debba8d0691115677e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:16:10 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 09:22:57 GMT
server: UploadServer
etag: "682d2151bef7a1a09ddebf58f5750ee2"
vary: Accept-Encoding
x-goog-hash: crc32c=QcVLiw==, md5=aC0hUb73oaCd3r9Y9XUO4g==
content-type: text/javascript
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
cache-control: private, max-age=86400
x-amz-meta-
accept-ranges: bytes
x-guploader-uploadid: ADPycdssCm_JqfdzOOWWxl0eCLrIkxGlvy9uuwNHFXHo8SXe_y0eDLgZVZqmZfkdDSW26aezQ4v9KGaMU6kwQ8JlCRFaFjUofLMK
content-length: 124668

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 100ms
20ms Preflight 37.157.6.242

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://safaricom.zerod.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://safaricom.zerod.live
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 24 Apr 2022 21:16:10 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 36ms
17ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220424

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ee0e68bf01a3e9a8330313687a7fd9ecfc3add039b82159c056f4987d9066a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Apr 2022 21:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22514
x-jsd-version: 1.0.1321
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19138-FRA, cache-hhn4053-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66b-+fRPdAkJcP6xYflawjNp7yXQmSs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWkGeresQXG%2BrN3NtNaKNKWlv5X%2BDFScTNqrXx5C%2F2syP8Q1ZCkNS5F7OQNZsASImnBGMyNHE35a99yW037TNdMwOXoMRKPsqvpZv%2BsXxlFFgboWBB%2Bv2ahY32LCBxF5QjhME870NR9Mt8SEiEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7011dbc6c8b35bfd-FRA

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
935 B 40ms
15ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:16:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1147018
x-amz-request-id: tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2: tx0c810f9b689a43feb0d6c-0062543d8e
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpYt8aTK2i3iQ4gegbdN9aktAcL4fFiD2hYaid2Qfw0Vyxq7AbQos517ctz%2FBpxxzguoO96dIib9KQlFLlxsu6a%2BAliUckTqv7KLoeevuva7TsfsdEBkX2zbaBPpQNmkhNcPJ7HFiufcUmE%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1649687875786561
cf-ray: 7011dbc6d8709c04-FRA

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
412 B 119ms
77ms XHR
text/plain 37.157.6.242

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 21:16:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 22 KB
14 KB 309ms
279ms XHR
application/json 185.33.221.88

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

a826c0edc4295da61d2f99c53d8b785decc4acb1aff2665d53b884376ee82ff9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Apr 2022 21:16:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cf81528c-45ae-44b1-afa9-55efd725fc91
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
341 B 438ms
18ms XHR
application/json 185.86.137.113

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 21:16:10 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 min.js Show response
cdn.kdaimo.com/projectagora-483829/ 3 KB
3 KB 66ms
8ms Script
text/plain 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kdaimo.com/projectagora-483829/min.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag6-6/pav2_6.6.3eca5d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2022 01:00:55 GMT
server: AmazonS3
age: 15124
etag: "61e4dbcc663e6d945cd8b7db1c35a1e6"
x-cache: Hit from cloudfront
date: Sun, 24 Apr 2022 17:04:07 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2849
x-amz-cf-id: DbUEMwRW4jCIU1PEK2UVw07DAPhBHtnwuC-qxdtNZCLZtW-0AgTvHQ==

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 59ms
17ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 22 KB
13 KB 252ms
224ms XHR
application/json 185.33.221.88

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

3b70887958a033ccd797783c1ddf3a84838cff653c76362dc7deec21badcf1f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Apr 2022 21:16:10 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b00b2065-a3e6-4c98-92e3-0cab3faf3032
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 32ms
17ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:16:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 198947
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx0e1dd575d372445694ba1-00626095ab
x-amz-id-2: tx0e1dd575d372445694ba1-00626095ab
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uOEEeyrt02TsEmeMkTKl6AAEa3M9PgkaCFFEu8vm3oaINAY2C8SYLBoM2da2VW3y%2BPoy2dLrpDwNq2h4fnovHnH%2FtBljvfK9xKYh6K2YGQ%2Fefvipv2f0R%2FnoWBt0FAFNuAAcKQnur1ePnV2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1649687874851815
cf-ray: 7011dbc70a229a1b-FRA
access-control-allow-headers: Authorization

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 7082 13 KB
5 KB 19ms
13ms Document
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://safaricom.zerod.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5041
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 19:52:10 GMT
etag: 12223946614886178233
expires: Mon, 25 Apr 2022 19:52:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 3A95 11 KB
5 KB 176ms
15ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 20:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1545
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4875
x-xss-protection: 0
server: cafe
etag: 7698967424627035244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 21:50:26 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 3A95 85 KB
29 KB 167ms
7ms Script
application/x-javascript 151.101.129.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:11 GMT
Content-Encoding: gzip
Age: 5141859
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21977-LGA, cache-fra19147-FRA
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1650834971.099254,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 1225036

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 3A95 0
819 B 182ms
22ms Image
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fe%252Fswitch_to_data%253Forigin%253Dhttp%25253A%25252F%25252Fsafaricom.zerod.live%25252Fzerod-web%25252Fr%25252Flanding2%25253Fid%25253D%252526beatserr%25253D821%2526id%253D%2526beatserr%253D821%2526code%253D603&e=wqT_3QKXB-iXAwAAAwDWAAUBCJr8lpMGEJvOi53v8c6RIBgAKjYJu2BwzR194z8ROVJsu7-Q4D8ZAAAAQOF69D8hOQ0SACkRJMgxAAAA4FG43j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3gAgAEBigEDVVNEkgEBBvCVmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAuoQ4AL7tVzqAq0BaHR0cDovL3NhZmFyaWNvbS56ZXJvZC5saXZlL3plcm9kLXdlYi9lL3N3aXRjaF90b19kYXRhP29yaWdpbj1odHRwJTNBJTJGJTJGc2FmYXJpY29tLnplcm9kLmxpdmUlMkZ6ZXJvBUawJTJGciUyRmxhbmRpbmcyJTNGaWQlM0QlMjZiZWF0c2VyciUzRDgyMSZpZD0mERMAPQERcGNvZGU9NjAzgAMAiAMBkAMAmAMXoAMBqgPqAQq_BcOAczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1EaEJZT2EtaVhQbEV2RGpaYWJDa2tMbl9sS1hYRENKUlFtcEJNMVhCOWV6eng0Z0hOMjlEMGV2UkM1NjJMVVdMb2hncUl6UDNMelhFNFdOU05XYVZvVDFrcVdVUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyMzE1NzYwMTE4NTU3NTAxMjExIgg3NzIyMTc5MyoEMzk0MToBMMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTMzqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEhtW1IsgEANoEAggB4AQB8AShn-kkiAUBmAUAoAXj-cTe7_Pg80jABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW84Bv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAE1GQGoEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcBqgcMMTMyNjAwMTIzMDYyugcPCAUsPCAAMAA4ugZAAMgHANIHDQkRSgFIDNoHBggFCUTgBwDqBwIIAPAHwvwDiggCEAA.&s=8627ee25353bbee6c469718c21cbdb59a43318ee

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:11 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7b332532-3245-49df-9d2e-5a3b12ca6ec6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A95 0
442 B 205ms
45ms Image
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-BmMdHX6a_3rSgZ167bAYSADuoCOe_HXGk9kcQbJclWnp8CVVbesLqKTyt4NDXaGgoizGu76XKtXfWkzA5HaIcuRmeVJg

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 21:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 25E1 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://safaricom.zerod.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5041
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 19:52:10 GMT
etag: 12223946614886178233
expires: Mon, 25 Apr 2022 19:52:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame F0ED 11 KB
5 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 20:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1545
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4875
x-xss-protection: 0
server: cafe
etag: 7698967424627035244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 21:50:26 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame F0ED 85 KB
29 KB 7ms
7ms Script
application/x-javascript 151.101.129.108

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 21:16:11 GMT
Content-Encoding: gzip
Age: 5141860
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21977-LGA, cache-fra19147-FRA
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1650834971.124373,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 1225037

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame F0ED 0
819 B 15ms
14ms Image
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fe%252Fswitch_to_data%253Forigin%253Dhttp%25253A%25252F%25252Fsafaricom.zerod.live%25252Fzerod-web%25252Fr%25252Flanding2%25253Fid%25253D%252526beatserr%25253D821%2526id%253D%2526beatserr%253D821%2526code%253D603&e=wqT_3QKwB-iwAwAAAwDWAAUBCJr8lpMGEPTL_qWxo8eWFxgAKjYJbyu9NhuLAkARPTDbqRSG_z8ZAAAAoHA98j8hPQ0SACkRJNAxAAAAwMzM3D8wgZnHCjilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jd6AWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARFwY29kZT02MDOAAwCIAwGQAwCYAxegAwGqA_8BCtQFw4BzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20NHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvSBAV9iPUFLQW1mLUJBaUtNa0hVcGFMTUt0dXhvQWMwRmFtV3lHSUFuQnJOb2NoQnZ6VmdZUmxqODFtZjlCMW1XTEl0RHg2eVBxX3FfOFpTVk13QnNzbTh6ZVJaWmtFa1hmYlRCQW9rUXc5b3BjU19RR3J2NVZiS1lMVm5rJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE2NzAwMjMwMzg5NzM3NDg3MjQiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwASG1bUiyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBfKqi-b8wP3qTMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbzgG_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAABTkJAagQABgA4AYB8gYCCACABwGIBwCYBwGgBwGqBwwxMzM3ODg4MzUwODW6Bw8IBSxEIAAwADi6BkAAyAfd6AXSBw0JCUgAAAUeDNoHBggFCUTgBwDqBwIIAPAHwvwDiggCEAA.&s=eb435e14843e81437000730c1cb22e4d5ea6492c

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:11 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b651bff-6653-4fd7-be98-95907efb1607
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0ED 0
56 B 47ms
47ms Image
image/gif 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-BLAMldP2AiyTO_ds7wZ4Ixwdlu8Tp7adb-S8EMVDEg0OBBRgV66XD-GdwBS32PNE_lB-J4da_ONsUXaB7PKuWuriXMa3VScRs15T03Y0F_Uokd23Q

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 21:16:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 3A95 0
819 B 44ms
34ms Script
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QL0Muh0GQAAAwDWAAUBCJr8lpMGEJvOi53v8c6RIBgAKjYJu2BwzR194z8ROVJsu7-Q4D8ZAAAAQOF69D8hOQ0SACkRJMgxAAAA4FG43j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3gAgAEBigEDVVNEkgEBBvCVmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAuoQ4AL7tVzqAq0BaHR0cDovL3NhZmFyaWNvbS56ZXJvZC5saXZlL3plcm9kLXdlYi9lL3N3aXRjaF90b19kYXRhP29yaWdpbj1odHRwJTNBJTJGJTJGc2FmYXJpY29tLnplcm9kLmxpdmUlMkZ6ZXJvBUawJTJGciUyRmxhbmRpbmcyJTNGaWQlM0QlMjZiZWF0c2VyciUzRDgyMSZpZD0mERMAPQER9CoBY29kZT02MDPyAg0KBkhFSUdIVBIDMjUw8gIMCgVXSURUSBIDMzAw8gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIXCgpJRlJBTUVfS0VZEgk4NzQyMDU5ODnyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjt2YXIgaz1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5CLQAQLmNhbGwBKSQsdm9pZCAwKX06Fc2IYSxjKXtpZigic3RyaW5nIj09PXR5cGVvZiBhKXJldHVybiINGgAhFRrAY3x8MSE9Yy5sZW5ndGg_LTE6YS5pbmRleE9mKGMsMCk7Zm9yKHZhciBkPTA7ZDxhLgkpXDtkKyspaWYoZCBpbiBhJiZhW2RdPT09Yw1oCCBkOwlxLC0xfTsvKgoKIFNQRI46ARHMOCBsKGEpe2xbIiAiXShhKQ1OCCBhfQkTAD0RKBAoKXt9OxENBCBuATUEYT0pGjg9PT1hP2RvY3VtZW50OmEVQyQuY3JlYXRlRWxlARkYKCJpbWciKR1FAHAhSHQsZCl7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChaGgAQPVtdKTshLBRiPW4oYS4RfAQpOyEpBCl7ARoAZS66ABkXBGY9WlMAaCxnPWsoZixiKTswPD1nJiZBcnJheS5wcm90byHbGC5zcGxpY2VJFXRmLGcsMSl9Yi5yZW1vdmVFdmVudExpc3RlbmVyJiZSFwA0KCJsb2FkIixlLCExKTtSIwBiOgAQZXJyb3INOxh9O2IuYWRkQnMAPhQAPnAAPiAAAW0-FAAAKDZqABxiLnNyYz1jO1oxARgucHVzaChiLtEBBHEoKXwEYT0xkjQuY3VycmVudFNjcmlwdE0aACgyOQIsbnVsbDphKSYmIjc3YUk8YS5nZXRBdHRyaWJ1dGUoIqE3HC1qYyIpP2E6FVc8cXVlcnlTZWxlY3RvcignWw0lAD0BRAxdJyl9RR3wRnI9UmVnRXhwKCJeaHR0cHM_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7eSsAdBXgAGgFYQxjPVtdBQkEZD0Bxgw7ZG97QXsYYj1hO3RyeQUMAGVBkxhlPSEhYiYmASRQIT1iLmxvY2F0aW9uLmhyZWYpYjp7AS2QbChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfQFeCGY9ZRkXAGYBFgxpZihmKXkAZz5eAAw7ZD1idR8h9DVCJHJlZmVycmVyfHwBlyR9ZWxzZSBnPWQsDcsAYynfMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF_0x9fXdoaWxlKGEmJmIhPWEpO2I9MIXVAGGV9nQtMTtiPD1hOysrYiljW2JdLmRlcHRoPWEtYjtiPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHACtYQA9HXUAKaFbFGE9MTthPLGATDsrK2EpZz1jW2FdLGcudXJsfHwoBQguQgE6dgAUW2EtCjFdIQwYLGcuaD0hMAHjKSIAaBmrIdVl5QBnJRYlAgRkPTIEARwwPD1kOy0tZKHYSGY9Y1tkXSwhZyYmci50ZXN0KGYBjyApJiYoZz1mKSwFDiwmJiFmLmgpe2I9ZjtFGwB9DV0AZBXmBCYmAcwBOwQ7MEFlJVoIJiZkBUgBGwgpO2MFrRB2KGIsZ7XoFGMuZz9jLgX6DDpjLmkBQAB9teYAdqGhHCl7dGhpcy5pQdUBCQhnPWMZIgB1HSIIdXJsESQUaD0hIWM7BS8FiCUKvfoAd3VJFHQoKSxjPfkKPCI_Iik7c2V0VGltZW91dCgRjA0xAGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzZ0Qc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeCCl9fQ4OCRbWCCggMDw9Yz9hLnN1YhZRCRwoMCxjKTphfQngDC5yZmwu6AcNNQRlbg75ClBVUklDb21wb25lbnQodygpKX07fSnpwUGaECk7CjwvGqcKaPICyQIKCkVYVFJBX1RBR1MSugI8ZGl2IHN0eSFSDHBvc2mhsWQ6IGFic29sdXRlOyBsZWZ0OiAwcHg7IHRvcA0KZHZpc2liaWxpdHk6IGhpZGRlbjsiPjxpbWcg4UtVh0kUSlkCQTYNHi4yAhRhd2JpZCYFBvCGX2I9QUtBbWYtQm1NZEhYNmFfM3JTZ1oxNjdiQVlTQUR1b0NPZV9IWEdrOWtjUWJKY2xXbnA4Q1ZWYmVzTHFLVHl0NE5EWGFHZ29pekd1NzZYS3RYZldrekE1SGFJY3VSbWVWSmciIGJvcmRlcj0wIHdpZHRoPTEgaGVpZ2h0PTEgYWx0PSIiMRqoZGlzcGxheTpub25lIj48L2Rpdj7yApkBCgxQT1NUX1NDUklQVFMSiAE8cxICCDYIARb2CVBhZHMuZy5kb3VibGVjbGljay5uZXQxBjx4YmZlX2JhY2tmaWxsLmpzAWUttQ1TAD6dJBwge3IzcHgoJyKcDBwnKTt9KSgpOz3qELoTChBIAZ00UE9SVF9QQVJBTVMSpRORI4qUADhhZGZldGNoP2Fkaz0xNjAFAvBbMjUmYWRzYWZlPW1lZGl1bSZjbGllbnQ9Y2EtcHViLTMwNzY4OTAwMTI3NDE0NjcmZm9ybWF0PTMwMHgyNTBfYXMmaXA9MTc4LjE2Mi4yMDkuMTMzJm91dHB1dD0Ofw0oJnVudmlld2VkX3BNjSBfc3RhcnQ9MSaheCZ9DhAmc3ViXw19AGJBg_QhA3ItNTY1OTU2NiZobD1kZSZhY2VpZD1NTnNPdEFDc0dyUUFqaHUwQVBsVk5BRkdXelFCam1FMEFTSnFOQUd6Y0RRQmhuSTBBY2h5TkFHcWN6UUJLSFUwQVV0MU5BRjFkVFFCVkhZMEFhTjJOQUcxZGpRQkZYYzBBVUYzTkFGSWR6UUJTM2MwQVZOM05BRmFkelFCZW5jMEFYeDNOQUdIZHpRQmkzYzBBWkIzTkFGTGMwRUJVM05CQVJ5RUJ3SmdIRndDelBxSUFxdzhxZ0luUXFvQ0tFS3FBaWxDcWdJN1lxb0NmV0txQXYxNHFnSk9lcW9DbW5xcUFxNldxZ0tBbTZvQ2dadXFBb0ticWdLaXFLb0NMYXlxQXBhNHFnSzN2YW9DN3NDcUFyekJxZ0tQeWFvQ2ZNMnFBb2JOcWdKTXo2b0NYYy1xQWhQUnFnS2cwYW9DLWRTcUFualdxZ0tHMXFvQ3Q5YXFBdHZXcWdLcTJhb0N1TnlxQWt2ZHFnSlYzcW9Ddi1DcUFzbmlxZ0tINUtvQ29PV3FBajdxcWdKVDZxb0NRT3VxQWtQdXFnSmQ3cW9DZE8tcUFpSHdxZ0xxOEtvQ3dQR3FBa195cWdLeDg2b0NTUGFxQWwzMnFnS1I5cW9Dd3ZhcUFsejRxZ0lILTZvQ0p2dXFBa0w3cWdKSC02b0NCX3lxQXIzOXFnSU5fcW9DWVA2cUFvUC1xZ0kyXzZvQ1FfLXFBbmZfcWdJLUFLc0Nzd0dyQXZjQnF3SVdBNnNDR0FPckFrQURxd0tCQTZzQzhRT3JBallGcXdJSUJxc0NMQWFyQWtjR3F3Sk1CcXNDb1FhckFxUUdxd0xFQnFzQ3NRZXJBbVEzWVFSVXNzVUZCOXBfQ0JxS0J4Q1BvVFVSemFFMUVTdXMteEk5dGZzU19NZjdFbExLLXhKWHl2c1NMdGo3RW43Wi14S28ydnNTdTl6N0VpVHcteEpLOHZzU1VmTDdFaFAwLXhMUzlQc1M3UGI3RWh2My14S2N5eHdZLUZackdqdEota0lLMFB0QyZleGs9ODc0MjA1OTg5JmGhXghfYz2tWPCwVGNnV1N0RGE0MklDX01BdGg5OFVBeXVvOXMwV1J4QThOM3dKVHVCQW1zdDg2b3ZFZmNLS1BmeUtGclcwZHJUSW5VNldPbU53ZDNRMmsxNkprTFdSMlBqT2hfZ1hraG1ObVE5d0Q1ZHU1Rm9vUmJQajlZWHN5S3ZkUEVJZ3dyOTN6OEF0RTI1YncxZFYxY3RCaWdHd2x5Skt2aTNlbHBqSnVuZGlUV2k0S3NnM2FqRlkmyRgAZBHA9CgGMXdqSnlDNG1tTk9HOEJfMUtfYk96dHd2TloxVUFuOTU3SUktTEV3Wk0tTkVCSUtHNHUwT05ONVE2RHpyd0xQR0liX3hYZFJ5bmctQl9YUVlDZjZ2cVI5b2h2YVAyd2Rac19VekpWN19CakY0WWloSVdPWGdZaVdvOHMtWEM4THY3TjFOR3pkdjduLTd3WTNncEFVSkhILUhJeWcxWllKUG4wbV9YLWM1ckNHdmNmaGIyRTNLUzhZWVdNcXpTV3FpRDZuUnd1WUFMVVJQa2taYVYyTDdIdFNRT2c2T05McEdGZ2JRTG05Mnl3Njc3TG0ySDR5dVM2UHh3WmdHTnRGSVNpd0diQXdRdFczU1VmTldQZFo3ekx0b1NBMW5uYnBjLUFCWEFqeWwzaUY0LWhIZ2cxWG5Zc3VfWE9raDdoRm50c3M1RkxZWlpxaFFFVHU3MHlZUDZxZTV6SzUweWdES1NFMy15UVI2OHhsX3RPbjVNSE1hbkRsaVlfR0pSQ3d0VnFMQ3FkWkpTSFFwMlUyZHBVX1lWdkRKV3dkYmtTajFGXzVSNU8tLXZzNUNRLVo0ZjZpOVY3cUd2bG5pV01BQjE5QTRfdDZzOVJuTk9PVERJS01NNEJtUUViQ0llN2wtcExKdV9qem42djhMakFxV2M2bThMNGtyaFRqZXY4ajl2TkhjSndoS0pucFpobDNNUllySVBVNFprc1NjNGxkVndCTWNZMHlBQTlRNjAtcFVkUnJJTWZMTFVROC1LNzJGbjB0SnpleGRuY0ZDT0UzclJHWENmV0pwcUlENnNhOGNZMXByRXNoSDhKU0FGZmFzOGU2MV93UWNySDRBbS1SdV9YMEh4Q0hDN2JlLVVPWElmRERBRXFrUzUtaDNjcHNtSUFpNXBKeDRnY2RpTDF1QjJtU250UWZjMV9vM3piZjJ6UEx5NzFJaDBxR0p4eXpqNVVuY2doTjVEMGFZeUtKV0RhMEtIeURvVTUxWDdpWXR2ZVMtdGJvbE1YNzFxYk9UWmdPNU9ZUkVoZVRGckJJM1pPZG85Q19pcVlXcUZBNjlEZzRBTXNVM0hwQjZvTFBadHhKRG81cG9IMWNwQUlaM09ZVkpBMlUtNkw4WHA3TmMzTHpKYU5fZjRYYlF4NGdONFk1VGUxeVZIWWE2ZGQ5OW1YN3lTX20xS0F0dEhHMGdaQWdDWndnR1NBY0tyTDVDbzE3ekxjeXc4RGt6bk5xLUhlcHJQYUY2YlRXS0g5X1lkMmExbWM1VmtpcjZ6eVBPZ3M2ZEtMNnRMYVhGTXVZTWU4LUZBVTlwNlBBNl8tMEFFMHlpOTJfR1h1M2liWHFZam56RGJ6LWtlNTRCNmVGMk5xVGxBbjFtVzc5LTlKX0JObDljZ0FpZ0ZyU0hSbjNRcUxWYTkzSzc5Q2NOcExOQWpVeWVjSnBJeHdhNkdSMXp2VlJ6LVNrQ0dsMzd6c0pnNUdQcW5tcjd0SnJtR0dyZF9uMWZaWjRDcFFTX0Y1YzlONk5LY0pKc002czdqSnNmMnBfMUE0SDItUlN0OEQyYTJrNEM4UW5JblVsUUFjZ2xzeC1ucDY1aExXMGdVeGF5cFZGb2hyNzhXUlMtM1AzZHhTWVBmJmNpZD1DQUFTQk9Sb2JUTSZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABIbVtSLIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF4_nE3u_z4PNIwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvOAb-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAaoHDDEzMjYwMDEyMzA2MroHDwgAEAAYACAAMAA4ugZAAMgHANIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHwvwDiggCEAA.&s=38c732021d03598ede208428d6bd0ab21b1ed33b&bdref=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603,http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:11 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 49a24864-1d50-48d8-9576-213f6aa9226b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 7082 99 KB
35 KB 72ms
71ms XHR
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c3bccfa6d963f75a3727e947cd9904f35fcdd17e409b660a0f64ab5bd617de42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 24 Apr 2022 21:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35547
x-xss-protection: 0

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame F0ED 0
819 B 55ms
40ms Script
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QLTNOhTGgAAAwDWAAUBCJr8lpMGEPTL_qWxo8eWFxgAKjYJbyu9NhuLAkARPTDbqRSG_z8ZAAAAoHA98j8hPQ0SACkRJNAxAAAAwMzM3D8wgZnHCjilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jd6AWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARH0KgFjb2RlPTYwM_ICDQoGSEVJR0hUEgMyNTDyAgwKBVdJRFRIEgMzMDDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTIxNjI1MjI0NvICvxUKC1BSRV9TQ1JJUFRTEq8VPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO3ZhciBrPUFycmF5LnByb3RvdHlwZS5pbmRleE9mP2Z1bmN0aW9uKGEsYyl7cmV0dXJuIEFycmF5LkItABAuY2FsbAEpJCx2b2lkIDApfToVzYhhLGMpe2lmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuIg0aACEVGsBjfHwxIT1jLmxlbmd0aD8tMTphLmluZGV4T2YoYywwKTtmb3IodmFyIGQ9MDtkPGEuCSlcO2QrKylpZihkIGluIGEmJmFbZF09PT1jDWgIIGQ7CXEsLTF9Oy8qCgogU1BEjjoBEcw4IGwoYSl7bFsiICJdKGEpDU4IIGF9CRMAPREoECgpe307EQ0EIG4BNQRhPSkaOD09PWE_ZG9jdW1lbnQ6YRVDJC5jcmVhdGVFbGUBGRgoImltZyIpHUUAcCFIdCxkKXthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KFoaABA9W10pOyEsFGI9bihhLhF8BCk7ISkEKXsBGgBlLroAGRcEZj1aUwBoLGc9ayhmLGIpOzA8PWcmJkFycmF5LnByb3RvIdsYLnNwbGljZUkVdGYsZywxKX1iLnJlbW92ZUV2ZW50TGlzdGVuZXImJlIXADQoImxvYWQiLGUsITEpO1IjAGI6ABBlcnJvcg07GH07Yi5hZGRCcwA-FAA-cAA-IAABbT4UAAAoNmoAHGIuc3JjPWM7WjEBGC5wdXNoKGIu0QEEcSgpfARhPTGSNC5jdXJyZW50U2NyaXB0TRoAKDI5AixudWxsOmEpJiYiNzdhSTxhLmdldEF0dHJpYnV0ZSgioTccLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHfBGcj1SZWdFeHAoIl5odHRwcz86Ly8oXFx3fC0pK1xcLmNkblxcLmFtcHByb2plY3RcXC4obmV0fG9yZykoXFw_fC98JCkiKTt5KwB0FeAAaAVhDGM9W10FCQRkPQHGDDtkb3tBexhiPWE7dHJ5BQwAZUGTGGU9ISFiJiYBJFAhPWIubG9jYXRpb24uaHJlZiliOnsBLZBsKGIuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobSl7fWU9ITF9AV4IZj1lGRcAZgEWDGlmKGYpeQBnPl4ADDtkPWJ1HyH0NUIkcmVmZXJyZXJ8fAGXJH1lbHNlIGc9ZCwNywBjKd8wbmV3IHUoZ3x8IiIpKQXVFGE9Yi5wYSHUGYYAYQX_TH19d2hpbGUoYSYmYiE9YSk7Yj0whdUAYZX2dC0xO2I8PWE7KytiKWNbYl0uZGVwdGg9YS1iO2I9aCErOR4BrjUqOGFuY2VzdG9yT3JpZ2luc24cAK1hAD0ddQApoVsUYT0xO2E8sYBMOysrYSlnPWNbYV0sZy51cmx8fCgFCC5CATp2ABRbYS0KMV0hDBgsZy5oPSEwAeMpIgBoGash1WXlAGclFiUCBGQ9MgQBHDA8PWQ7LS1kodhIZj1jW2RdLCFnJiZyLnRlc3QoZgGPICkmJihnPWYpLAUOLCYmIWYuaCl7Yj1mO0UbAH0NXQBkFeYEJiYBzAE7BDswQWUlWggmJmQFSAEbCCk7YwWtEHYoYixntegUYy5nP2MuBfoMOmMuaQFAAH215gB2oaEcKXt0aGlzLmlB1QEJCGc9YxkiAHUdIgh1cmwRJBRoPSEhYzsFLwWIJQq9-gB3dUkUdCgpLGM9-Qo8Ij8iKTtzZXRUaW1lb3V0KBGMDTEAZNlzGGQ_LjAxOmRBNUQhKE1hdGgucmFuZG9tKCk-ZClpDwxiPXEoIaQAImX_NDovLyIrKGImJiJ0cnVlgWsAYlZrBDgtcmNkIik_InBhZ2VhZDLNnRBzeW5kaWm5IC1jbi5jb20iOmYjAAUgDCkrIi8JRXgvZ2VuXzIwND9pZD1qY2EmamM9NzcmdmVyc2lvbj0ihUUMZT0oZQGxDCkmJmVamQANMTAiKXx8InVua25vd24iYeNcK2UrIiZzYW1wbGU9IitkO2I9d2luZG93BVgAZjk0FGY_ITE6ZiEzNGU9Yi5uYXZpZ2F0b3IpMg4AUC51c2VyQWdlbnQsZT0vQ2hyb21lL0mbIGUpJiYhL0VkZxkRHD8hMDohMTtlYZMVUTAuc2VuZEJlYWNvbj8KHWkdGCQoZCk6cChiLGQsIkUICZ4IKX19Dg4JFtYIKCAwPD1jP2Euc3ViFlEJHCgwLGMpOmF9CeAMLnJmbC7oBw01BGVuDvkKUFVSSUNvbXBvbmVudCh3KCkpfTt9KenBQZoQKTsKPC8apwpo8gLeAgoKRVhUUkFfVEFHUxLPAjxkaXYgc3R5IVIMcG9zaaGxZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyDhS1WHSRRKWQJBNg0eLjICFGF3YmlkJgUG8J9fYj1BS0FtZi1CTEFNbGRQMkFpeVRPX2RzN3daNEl4d2RsdThUcDdhZGItUzhFTVZERWcwT0JCUmdWNjZYRC1HZHdCUzMyUE5FX2xCLUo0ZGFfT05zVVhhQjdQS3VXdXJpWE1hM1ZTY1JzMTVUMDNZMEZfVW9rZDIzUSIgYm9yZGVyPTAgd2lkdGg9MSBoZWlnaHQ9MSBhbHQ9IiIgc3R5IS-oZGlzcGxheTpub25lIj48L2Rpdj7yApkBCgxQT1NUX1NDUklQVFMSiAE8cxIXCDYdARYLClBhZHMuZy5kb3VibGVjbGljay5uZXQxGzx4YmZlX2JhY2tmaWxsLmpzAWUtyg1TAD6dORwge3IzcHgoJyKxDBwnKTt9KSgpOz3_EIAVChBIAZ00UE9SVF9QQVJBTVMS6xSROIqUADhhZGZldGNoP2Fkaz0xNjAFAvBbMjUmYWRzYWZlPW1lZGl1bSZjbGllbnQ9Y2EtcHViLTMwNzY4OTAwMTI3NDE0NjcmZm9ybWF0PTMwMHgyNTBfYXMmaXA9MTc4LjE2Mi4yMDkuMTMzJm91dHB1dD0OlA0oJnVudmlld2VkX3BNoiBfc3RhcnQ9MSahjSaSDhAmc3ViXw19AGJBmPReAXItNTY1OTU2NiZobD1kZSZhY2VpZD1NTFFUdEFDU0c3UUFtUnUwQUpmazB3RDVWVFFCRG1nMEFiRnJOQUhJYkRRQjVXNDBBY2h5TkFFMGN6UUJwM00wQWFsek5BSDlkRFFCRVhVMEFTaDFOQUZMZFRRQmRYVTBBVlIyTkFHamRqUUJ0WFkwQVJWM05BRkJkelFCU0hjMEFVdDNOQUZUZHpRQlduYzBBWHAzTkFGOGR6UUJoM2MwQVl0M05BR1FkelFCRW0xQkFVdHpRUUZUYzBFQk9melpBYkFGMmdINkcxd0MtQjFjQWtvZVhBSWYtb2dDbjBDcUFpZENxZ0lvUXFvQ0tVS3FBaTFKcWdKZlc2b0NvV0NxQXM5aHFnSzNaYW9DOEhhcUFwbDZxZ0x6aHFvQ0tJcXFBbzZLcWdMM21xb0NnSnVxQW9HYnFnS0NtNm9DVGFDcUFvLWpxZ0tRcAFQ8GVxaXFBdUtwcWdJc3JLb0Nuck9xQWlPMHFnTFB4Nm9DOE11cUFuek5xZ0psMDZvQ1VkZXFBbFBacWdLcTJhb0NWZDZxQXByZ3FnTEk0YW9DeHVPcUFtWGtxZ0ljNWFvQ29PV3FBamoBYPSOAVc2cW9DUHVxcUFnRHJxZ0pkN3FvQ09fS3FBblR5cWdKMThxb0M4X1dxQXZyMXFnTEU5cW9Dc19lcUFnRDRxZ0lSLUtvQ2FfaXFBc0Q2cWdJbS02b0NRdnVxQWtiN3FnS2EtNm9DMFB1cUFnYjhxZ0tFX0tvQy1mMnFBbUQtcWdLRF9xb0MwdjZxQW5mX3FnSjlfNm9DN18tcUF2VUFxd0l5QXFzQ1F3S3JBcWdDcXdLd0Fxc0NJQU9yQWl3RnF3SUlCcXNDUndhckFyNEdxd0xFQnFzQ3RnZXJBdDBIcXdMQmJDUUV5YWlFQlp1enhRV0RCX2tJcXpXZ0RQcUVZaEE0UnVJUzBxdjdFZ2JKLXhJdnlmc1NCTXY3RWk3WS14SzYzUHNTTS1MN0Vnbm8teExsNmZzU2ZPejdFZ1h0LXhKeTdmc1MyUFA3RWl2MS14SUM5X3NTRmZmN0VuajMteEw0Vm1zYXFMel9JNUlGdGpOSEd3ZHEmZXhrPTIxNjI1MjI0NiZhd2JpZF9jPUFLQaGd8LA1ZnpncllZbGNab0EzXzRmOWNBd1dRRzBHR0Z5bms2bTMxdVVPSW8wU2lwWVp2RkxJQUZRczZvRHBCWWJ5XzhKOFRmQk1fbjNpOXhPUmxEWVRoelRzYjNOZHVOajRoc0FWNVJmeklPcVlBWV8zQ1pnVGxyc3RTRENUdE5ybVJZcTNkMVd0ak5SOVBieEwyZHBkQm5RTEp3VEF4eXAwd0w0eFRFVVhWRVhrcElFYVpjRSbJXQBkzV30wQZBdzlURzBBS3FvMVFoTDNvVUExVS1mR01SYlVsMzRtRFNjaUFWamlNeFVnMnFBM0tIRHpjVGtZMFdYNHFQV19jeTB3N056a2pmTHdSMURRUXhmYlduTUNobnZYTjFReXhSYWh0bTRNYlBjZUFvMXItQlFrV3V3Tkk0bHp3WjhxYXhzNlBVWWdrcjR1ZzF1MF84NWpjWjlheVhWMEliTnFkWDJvcm90VEE2YXdQTzdTeW1ra1RBdVQ0WUhvYjBOTTFoUzljcWFsbTl6QmNMakdRMW0zdzc0cWtINGFJWEdEblJOczZ5ZXdIanZyRklWSl8xdGxQZGY3d0FVTTN4UU1aOFF0TjVzS3dnRUwyYjdVQWdoWVNaSkc5eWNFcGgzcmhCRDRKOWZNamtqWWI2R2pxY0g4eUtFQ3dpLVpkeW1UczMzTGlXNG16dkdoTjliV3ptLUFJUGlHWEI4OFlGX2Y2TVdVYVRHcF9iVmVJT0diM3B0SnR0b0xybk0zdUlQeURMYzNrRWVpbDRhWTUyZzgyMEVMbEs4MFFzYks2M2JGV3Nac3BHZ1lSWXhtc3ZfelFlTjJGcEtVMVRzc0hxeDlLcWktQVdNRXRYNEFWVGhpenRRWUQ1Ty1EM2ZGa1JyWG5FM3RSZzlLU2RqelRFWlJaMXJ5cThjTW12a2QyVzdLOXRUUFQ3dVpUWG5OdVp0NG13SzZnRzEwVDV3MldkWmk0NTBDV0llRVZPU0pvbDdtRGFZQnZlUXFBVi1VYWtURVB0aUxaTm1Db3hOYS02c1MxMzNseTJvLWpMTjZHYjZsYmlKLXpXVjBxa3VTanpxa2tSQkNsc2U0Mm93d3lwZjFaZkxwM2hXdG9VbVVsdTNzdUJ0dmk0SHdmeDU4bnpiV2ZCT2sxeDRoQ1djRjk2akcwZVVwLUhLb2pLNGpyeEtSV2FRUDZjZmZWV1FlRWxZM1JKZlhPbER3OTJlY0FVblI5ZmdRemUwTXlMWFAwMG9sUDBWajlSSFU4aXlhSHA4V3NJSXVDYWVDdl93Q3NidFdGdndfSUZWY0lfa3pxcnB1dTBJR3FuQXUyd0hXT09TTWM5TkVaRlNWUE8xX21CdkxuTFVBVnl2XzJxR0YzY2dpN290bEsyQlEweFN4d2VpbGtGUU41M1BYc3VFYnE3b2cxa0lIcDNQQnEtUkpjS2N2aEFjRFVMVlU2YXZQbEF2V1FyN1NZbHJRUkJYRDdNaWt4YktQNE0yQklDMnFHWkY2SjY5TWREMnN6MVlWN1JqMmw2U1FMTzBrV0IyLXRjTnNSNUc2SnNvSC1qNkJSQUxwZ3FXYncwMTE3Ri1hcThpenVpTldydmZTa3ZQWHBXSHF5NWZMSGFlMFN1Vm5NeTFFbTBhWHlzNGJPMHd1Ykg5emhBUHZ6LWNlOWVBcjFYLWdrQmItUW1jcWwteE1pUnhnbWxaRFpBd3E0WkpzeFJvczVtbDFFVUszcTZKNTNpNl9Cay1ka2ZKY3VQSm8xTGhrZ0E4ZmJKNHFscmRwM3p6WDRRT3F4TXhoUHd1UmhpRXZfTTRCYnIzN3NMNy1EbE5rZUtUYWZXUGpFZXA5V25VYVRySUNnNFJOd2ZYdmwxbzBGY0xxbnl2d1hJTUFndk9ZZFpjcUxsdU5za2xUb0VDZjNuVXhxTWU3emJidUNfQmtUN1dCWEVhRHZoUVktTnkwc0tSdXA2aDVpY2o0Z1BGNDdOdmZaR19hVTlJN1hjU24waHJ6WWpNZVM2eEFqMF8zckp0cUVsQVNXOUliMWxiMU5IVmxuM245bVJucjJnVlN0NnREWjYtdHlUeG9RJmNpZD1DQUFTQk9SbzRPQSZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABIbVtSLIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF8qqL5vzA_epMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFvOAb-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAaoHDDEzMzc4ODgzNTA4NboHDwgAEAAYACAAMAA4ugZAAMgH3egF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfC_AOKCAIQAA..&s=60148f70a8fedda1c5d542612aa4599db7d9b26d&bdref=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603,http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:11 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 03e4b1a2-a2d6-4b3c-bd13-80edaeaf364c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 25E1 91 KB
33 KB 87ms
86ms XHR
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

def42eaed918ead7f93f1e38ee581b5897629dfb6044382bafee16b1f9c92f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 24 Apr 2022 21:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33347
x-xss-protection: 0

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 3A95 0
845 B 51ms
51ms Ping
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QKXB-iXAwAAAwDWAAUBCJr8lpMGEJvOi53v8c6RIBgAKjYJu2BwzR194z8ROVJsu7-Q4D8ZAAAAQOF69D8hOQ0SACkRJMgxAAAA4FG43j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3gAgAEBigEDVVNEkgEBBvCVmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAuoQ4AL7tVzqAq0BaHR0cDovL3NhZmFyaWNvbS56ZXJvZC5saXZlL3plcm9kLXdlYi9lL3N3aXRjaF90b19kYXRhP29yaWdpbj1odHRwJTNBJTJGJTJGc2FmYXJpY29tLnplcm9kLmxpdmUlMkZ6ZXJvBUawJTJGciUyRmxhbmRpbmcyJTNGaWQlM0QlMjZiZWF0c2VyciUzRDgyMSZpZD0mERMAPQERcGNvZGU9NjAzgAMAiAMBkAMAmAMXoAMBqgPqAQq_BcOAczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1EaEJZT2EtaVhQbEV2RGpaYWJDa2tMbl9sS1hYRENKUlFtcEJNMVhCOWV6eng0Z0hOMjlEMGV2UkM1NjJMVVdMb2hncUl6UDNMelhFNFdOU05XYVZvVDFrcVdVUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyMzE1NzYwMTE4NTU3NTAxMjExIgg3NzIyMTc5MyoEMzk0MToBMMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTMzqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEhtW1IsgEANoEAggB4AQB8AShn-kkiAUBmAUAoAXj-cTe7_Pg80jABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW84Bv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAE1GQGoEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcBqgcMMTMyNjAwMTIzMDYyugcPCAUsPCAAMAA4ugZAAMgHANIHDQkRSgFIDNoHBggFCUTgBwDqBwIIAPAHwvwDiggCEAA.&s=8627ee25353bbee6c469718c21cbdb59a43318ee&type=nv&nvt=5&jm=1003&px=647&py=205&bw=300&bh=250&sid=5844104761779429166&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23351023&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:11 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6deab92a-360a-4b8f-956c-bf8a77604f0e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame F0ED 0
845 B 17ms
17ms Ping
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QKwB-iwAwAAAwDWAAUBCJr8lpMGEPTL_qWxo8eWFxgAKjYJbyu9NhuLAkARPTDbqRSG_z8ZAAAAoHA98j8hPQ0SACkRJNAxAAAAwMzM3D8wgZnHCjilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jd6AWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARFwY29kZT02MDOAAwCIAwGQAwCYAxegAwGqA_8BCtQFw4BzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20NHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvSBAV9iPUFLQW1mLUJBaUtNa0hVcGFMTUt0dXhvQWMwRmFtV3lHSUFuQnJOb2NoQnZ6VmdZUmxqODFtZjlCMW1XTEl0RHg2eVBxX3FfOFpTVk13QnNzbTh6ZVJaWmtFa1hmYlRCQW9rUXc5b3BjU19RR3J2NVZiS1lMVm5rJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE2NzAwMjMwMzg5NzM3NDg3MjQiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwASG1bUiyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBfKqi-b8wP3qTMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbzgG_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAABTkJAagQABgA4AYB8gYCCACABwGIBwCYBwGgBwGqBwwxMzM3ODg4MzUwODW6Bw8IBSxEIAAwADi6BkAAyAfd6AXSBw0JCUgAAAUeDNoHBggFCUTgBwDqBwIIAPAHwvwDiggCEAA.&s=eb435e14843e81437000730c1cb22e4d5ea6492c&type=nv&nvt=5&jm=1003&px=647&py=637&bw=300&bh=250&sid=5844104761779429166&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22137985&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:11 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4ae9fde1-0fa0-4c25-b8f5-0f7a394e0c73
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 5baa728a4cf4b2cbcc891e962e37f4f2.js Show response
www.gstatic.com/mysidia/ Frame 7082 14 KB
6 KB 160ms
13ms Script
text/javascript 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5baa728a4cf4b2cbcc891e962e37f4f2.js?tag=client_fast_engine

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

aea9a8d20533707e95afc9cc9c41d83a272b6ec9ee5030d3b81e637f4f97f82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 10:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5507
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 10:51:06 GMT

GET
H2 200 551a410f22968205b8739ba20bcf63c7.js Show response
www.gstatic.com/mysidia/ Frame 7082 11 KB
5 KB 176ms
28ms Script
text/javascript 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/551a410f22968205b8739ba20bcf63c7.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7966d708efd9cb7821ca56686773681876cd9fc4effd960eeef97797e5e27329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 10:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4552
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 10:51:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7082 8 KB
1 KB 170ms
24ms Stylesheet
text/css 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 19:51:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 21:16:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 21:16:11 GMT

GET
H2 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 7082 2 KB
1 KB 175ms
29ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 20:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
server: cafe
etag: 17441257144546641969
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 20:56:25 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 7082 25 KB
10 KB 159ms
13ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 21:11:14 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 7082 3 KB
2 KB 174ms
29ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 21:13:55 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 7082 19 KB
8 KB 160ms
15ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7667
x-xss-protection: 0
server: cafe
etag: 7504708142712926003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 21:04:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7082 119 KB
37 KB 173ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 21:16:11 GMT

GET
H2 200 617b63f321f8765d5e5b029f2733e5f4.js Show response
www.gstatic.com/mysidia/ Frame 7082 39 KB
15 KB 158ms
14ms Script
text/javascript 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/617b63f321f8765d5e5b029f2733e5f4.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b50a75198d34e4ad82efa4840a3c3c0d319203db9c65295a9a763ebfd0e999dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 13:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15048
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 13:58:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 25E1 6 KB
743 B 140ms
24ms Stylesheet
text/css 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 19:54:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 21:16:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 21:16:11 GMT

GET
H2 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 25E1 2 KB
1 KB 153ms
42ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 20:56:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
server: cafe
etag: 17441257144546641969
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 20:56:25 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 25E1 25 KB
10 KB 127ms
17ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:11:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 21:11:14 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 25E1 3 KB
1 KB 152ms
42ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 21:13:55 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 25E1 19 KB
8 KB 137ms
27ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 691
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7667
x-xss-protection: 0
server: cafe
etag: 7504708142712926003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 21:04:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25E1 119 KB
36 KB 165ms
55ms Script
text/javascript 2a00:1450:4001:82b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 21:16:11 GMT

GET
H2 200 617b63f321f8765d5e5b029f2733e5f4.js Show response
www.gstatic.com/mysidia/ Frame 25E1 39 KB
15 KB 135ms
25ms Script
text/javascript 2a00:1450:4001:811::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/617b63f321f8765d5e5b029f2733e5f4.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b50a75198d34e4ad82efa4840a3c3c0d319203db9c65295a9a763ebfd0e999dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 13:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15048
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 13:58:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 25E1 0
20 B 50ms
50ms Image
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8hElGr5lYoa5LsOIrAT6gofgD4_byd5p37PDsqsQv-EeEAEg5pfWJWCV8q-CuAegAfuy0fUCyAEJqQLq8IMTMh-yPqgDAcgDywSqBMIBT9Bh-IMyd6qwJqoet5YMhkU5Nmr3bdxLNjmgGBjpOk4TTIKpe5USIN23vmmOH0iPHVJ5hXELc94aQ3xRYVM5M9Dm2Y5hZxvpv9U5TtpiDocaRO8TVaGnlkcUvrvQUqeDB4iL9OWe-4NHcF5Fb8Hinwgol0kR1D892KQOaNhpoJ6nGVTSxF7wqdB2Ar39aS5xOqhByiK-P8oQimrdqx_nZNee4vlj04jYRZXaEyhOoHkHeBiD7VWrdTJ8nJqvAFoJUGPABI26vrPyA5IFBAgEGAGSBQQIBRgEoAYugAftzK6KAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA0ggJCIDhgBAQARgA8ggOYmlkZGVyLTU2NTk1NjaACgTICwHYEw2IFAHQFQGYFgGAFwGyFwgKBggAEgAYAA&sigh=TSERQsk9JsU&uach_m=[UACH]&pr=10:2.317923&template_id=484&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Apr 2022 21:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Apr 2022 21:16:11 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/14080622938249889220/ Frame 25E1 47 KB
47 KB 138ms
30ms Image
image/jpeg 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14080622938249889220/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

9863f435d1adbcab57568461953619064d74e03cbd998875a1d071e0966f3579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 22:06:58 GMT
x-content-type-options: nosniff
age: 169753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47943
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 14:40:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Apr 2023 22:06:58 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4679218281316417053/ Frame 25E1 1 KB
2 KB 138ms
29ms Image
image/png 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4679218281316417053/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

885391d5dcf9d21e688dae65b6f8e41c03cfb141e053c5744d61f49d1002d3d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 15:14:34 GMT
x-content-type-options: nosniff
age: 367297
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1331
x-xss-protection: 0
last-modified: Fri, 25 Jun 2021 09:55:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Apr 2023 15:14:34 GMT

GET
DATA 200
OK truncated
/ Frame 25E1 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39bcabb89470bd1732dbd665bc3d0a210de6e765fcbb63b05bbd3369c57657d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7082 0
21 B 56ms
56ms Image
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKeSlGr5lYsq3LrjZx_AP0MWDwA2lgdTCadDk8ZXLD7_hHhABIOaX1iVglfKvgrgHoAH7stH1AsgBAakC6vCDEzIfsj6oAwHIA8sEqgTBAU_QyRUHcKQWTEbsKaqyURpxLSkIK4M52TBdxR_eSvvthqEzvkdvSJJCZvMV1jJi5dNOatZM59DEKCd0NsbzTqBce9MEeHDefaEZ1SYNql9fXLFaM-UXLDY7GJ-G5iPpudgAZlnmMReIoH-5s_fjNlIMGJjxoMfRoJ9ouoip1xGUZkjffJowUyL-DN2vgAkkCgEW-TBB03SP0PJLT314qufNslDukqkE-v6GaCkXTDLYV979GifW-ZSudbgVv3ySeqvABLad1fztA5IFBAgEGAGSBQQIBRgEgAftzK6KAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB0ggJCIDhgBAQARgA8ggOYmlkZGVyLTU2NTk1NjaACgTICwHYEw2IFALQFQGYFgGAFwGyFwgKBggAEgAYAA&sigh=T2eDo97Z5V8&uach_m=[UACH]&pr=10:0.609023&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Apr 2022 21:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Apr 2022 21:16:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A70 143 B
163 B 15ms
14ms Document
text/html 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 21:06:39 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7082 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c09cc5a1110be13148b575efd97c5061d4cab4f4ee0e92a9f207edc7a665c2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 7082 28 KB
28 KB 68ms
31ms Font
font/woff2 2a00:1450:4001:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 428551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:13:40 GMT

GET
DATA 200
OK truncated
/ Frame 25E1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d1514d49588c956adb4a2582345675504450f666b441c3ba222964f32a6df1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 25E1 15 KB
16 KB 29ms
15ms Font
font/woff2 2a00:1450:4001:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 242990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:46:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 25E1 15 KB
16 KB 49ms
38ms Font
font/woff2 2a00:1450:4001:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 357592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:56:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 25E1 15 KB
16 KB 26ms
18ms Font
font/woff2 2a00:1450:4001:803::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 357459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 17:58:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A70
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

67ms
67ms

Document
text/html

2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 21:16:11 GMT
expires: Sun, 24 Apr 2022 21:16:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 21:16:11 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CC5 35 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 18:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Apr 2023 18:16:30 GMT

GET
H3 200 JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 119B 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 18:16:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 23 Apr 2023 18:16:30 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 3A95 0
845 B 18ms
18ms Ping
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QKXB-iXAwAAAwDWAAUBCJr8lpMGEJvOi53v8c6RIBgAKjYJu2BwzR194z8ROVJsu7-Q4D8ZAAAAQOF69D8hOQ0SACkRJMgxAAAA4FG43j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3gAgAEBigEDVVNEkgEBBvCVmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAuoQ4AL7tVzqAq0BaHR0cDovL3NhZmFyaWNvbS56ZXJvZC5saXZlL3plcm9kLXdlYi9lL3N3aXRjaF90b19kYXRhP29yaWdpbj1odHRwJTNBJTJGJTJGc2FmYXJpY29tLnplcm9kLmxpdmUlMkZ6ZXJvBUawJTJGciUyRmxhbmRpbmcyJTNGaWQlM0QlMjZiZWF0c2VyciUzRDgyMSZpZD0mERMAPQERcGNvZGU9NjAzgAMAiAMBkAMAmAMXoAMBqgPqAQq_BcOAczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tDR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1EaEJZT2EtaVhQbEV2RGpaYWJDa2tMbl9sS1hYRENKUlFtcEJNMVhCOWV6eng0Z0hOMjlEMGV2UkM1NjJMVVdMb2hncUl6UDNMelhFNFdOU05XYVZvVDFrcVdVUSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMyMzE1NzYwMTE4NTU3NTAxMjExIgg3NzIyMTc5MyoEMzk0MToBMMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTMzqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEhtW1IsgEANoEAggB4AQB8AShn-kkiAUBmAUAoAXj-cTe7_Pg80jABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AW84Bv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAE1GQGoEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcBqgcMMTMyNjAwMTIzMDYyugcPCAUsPCAAMAA4ugZAAMgHANIHDQkRSgFIDNoHBggFCUTgBwDqBwIIAPAHwvwDiggCEAA.&s=8627ee25353bbee6c469718c21cbdb59a43318ee&type=pv&jm=1003&px=647&py=205&bw=300&bh=250&sf=1&sid=5844104761779429166&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23351023&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:12 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c029cf13-fc87-45c1-a9e6-e8891f6abd26
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame F0ED 0
845 B 75ms
75ms Ping
text/html 185.33.220.145

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QKwB-iwAwAAAwDWAAUBCJr8lpMGEPTL_qWxo8eWFxgAKjYJbyu9NhuLAkARPTDbqRSG_z8ZAAAAoHA98j8hPQ0SACkRJNAxAAAAwMzM3D8wgZnHCjilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jd6AWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARFwY29kZT02MDOAAwCIAwGQAwCYAxegAwGqA_8BCtQFw4BzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20NHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvSBAV9iPUFLQW1mLUJBaUtNa0hVcGFMTUt0dXhvQWMwRmFtV3lHSUFuQnJOb2NoQnZ6VmdZUmxqODFtZjlCMW1XTEl0RHg2eVBxX3FfOFpTVk13QnNzbTh6ZVJaWmtFa1hmYlRCQW9rUXc5b3BjU19RR3J2NVZiS1lMVm5rJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzE2NzAwMjMwMzg5NzM3NDg3MjQiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDAOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwASG1bUiyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBfKqi-b8wP3qTMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbzgG_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAABTkJAagQABgA4AYB8gYCCACABwGIBwCYBwGgBwGqBwwxMzM3ODg4MzUwODW6Bw8IBSxEIAAwADi6BkAAyAfd6AXSBw0JCUgAAAUeDNoHBggFCUTgBwDqBwIIAPAHwvwDiggCEAA.&s=eb435e14843e81437000730c1cb22e4d5ea6492c&type=pv&jm=1003&px=647&py=637&bw=300&bh=250&sf=1&sid=5844104761779429166&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22137985&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 -, , ASN (),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 21:16:12 GMT
X-Proxy-Origin: 178.162.209.133; 178.162.209.133; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 78b3c221-1527-4814-ae69-b62dd9c3710b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safaricom.zerod.live/zerod-web	1969-12-31 23:59:59	Name: SESSION Value: ZmI0Y2QyNGItODVjNS00YTg2LWFjZTItMDdhMmYxNTQ2MmNk
safaricom.zerod.live/zerod-web	1969-12-31 23:59:59	Name: TS011d313c Value: 01b02e3e894c887176ec0111b2ce4b7e3f86556a1f3e31658b9dc86f49151e5caa96f34d81a0f1a4be7cb432f0b4ea70fb0863df0a
safaricom.zerod.live/	1970-01-20 06:53:06	Name: _ga Value: 0f8dbaaf-b2de-4d52-8c70-ccb7a259179a
safaricom.zerod.live/	1969-12-31 23:59:59	Name: TS01a6d453 Value: 01b02e3e894c887176ec0111b2ce4b7e3f86556a1f3e31658b9dc86f49151e5caa96f34d81a0f1a4be7cb432f0b4ea70fb0863df0a
.adnxs.com/	1970-01-20 04:43:30	Name: icu Value: ChgItJR6EAoYASABKAEwmvyWkwY4AUABSAEQmvyWkwYYAA..
.adnxs.com/	1970-01-20 04:43:30	Name: uuid2 Value: 2599591869475427006

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.projectagoraservices.com
adx.adform.net
ams1-ib.adnxs.com
cdn.adnxs.com
cdn.jsdelivr.net
cdn.kdaimo.com
cdn.projectagora-adtag-library.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
header.safaricombeats.co.ke
ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
prg.smartadserver.com
safaricom.zerod.live
script.4dex.io
secure.adnxs.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
143.204.98.2
151.101.129.108
185.33.220.145
185.33.220.240
185.33.221.88
185.86.137.113
196.201.213.123
2606:4700:20::681a:8a9
2606:4700::6810:5714
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a02:26f0:3500:11::215:14d6
2a02:26f0:f7::5c7b:e121
37.157.6.242
51.89.9.251
91.241.94.160
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1077b4e81880c532ec050485f90b6a4d6c7696feec3eb753a8832b13a0ed5577
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b8fc659321ea327b1cdf963a29b1c0d333f0a31bd1b87c55ace5d3d4c776d0a
1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d94e7d84f6cceab3387efe1f9e97bb88ae9f705892baab21b4181c9a7804be8
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3b70887958a033ccd797783c1ddf3a84838cff653c76362dc7deec21badcf1f2
44ab7537c8654b947626f8735fb7a8c99f250dbe3358b0d92dd4b3ae3020dc14
4530f488cda1bb6ed862f31e18b067ba3f04336f1a1a2314f4d5ef2888a61ba5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51567fa9aed529afecdac846ddf4897271cd94aeab45c4e992dbe20339814882
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
7966d708efd9cb7821ca56686773681876cd9fc4effd960eeef97797e5e27329
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7e6a2a41ceb893488e65f890b785daab9830ee269b8933debba8d0691115677e
824d720c6405a229043f7457b4d7ddcf5f8cbb84625c6fa23d60f1bf21578faf
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
885391d5dcf9d21e688dae65b6f8e41c03cfb141e053c5744d61f49d1002d3d0
8d591022363d0eb71a769805939c4d2bdb37b67671703871e00fb41cc97e653d
912fba92be2e04c0069d92bf1450d896425ee4a2491c930a2632ddb761642e02
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c
9863f435d1adbcab57568461953619064d74e03cbd998875a1d071e0966f3579
9cab404a239f93927c6c6cc6c16679e07751758068231cc53b5aba5acb8210c4
a39bcabb89470bd1732dbd665bc3d0a210de6e765fcbb63b05bbd3369c57657d
a826c0edc4295da61d2f99c53d8b785decc4acb1aff2665d53b884376ee82ff9
aea9a8d20533707e95afc9cc9c41d83a272b6ec9ee5030d3b81e637f4f97f82a
b3d1514d49588c956adb4a2582345675504450f666b441c3ba222964f32a6df1
b4afe8fb8c912a034e0d39380f91bacde77ca02c22527ad8e3933fb6e4835968
b50a75198d34e4ad82efa4840a3c3c0d319203db9c65295a9a763ebfd0e999dd
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
c09cc5a1110be13148b575efd97c5061d4cab4f4ee0e92a9f207edc7a665c2e4
c3bccfa6d963f75a3727e947cd9904f35fcdd17e409b660a0f64ab5bd617de42
c4ee0e68bf01a3e9a8330313687a7fd9ecfc3add039b82159c056f4987d9066a
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
d78a070d2001440115e55d8a881b9df8530b0de2b2dd116af1b02f30d40685bb
d8cd910002cc957350dfc2bab7d2aaf9a51597aac51aaa036929a147dba5c014
def42eaed918ead7f93f1e38ee581b5897629dfb6044382bafee16b1f9c92f6f
df43cf209813fae4d5c5825f999486ff9ae500e75c66e97a5e68c690fea69081
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f0ea41c6ebc4bfb9f3dbe0129097640f019f2ef833ae46b715a95ae8ddb44409
f871945d47ccc8d1218b233a1f58379d7722f365b9ce9bc7d0019496d03503aa

safaricom.zerod.live Open in urlscan Pro 91.241.94.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

71 %HTTPS

52 %IPv6

17 Domains

22 Subdomains

21 IPs

6 Countries

1014 kBTransfer

2031 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safaricom.zerod.live Open in urlscan Pro
91.241.94.160 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

71 %
HTTPS

52 %
IPv6

17
Domains

22
Subdomains

21
IPs

6
Countries

1014 kB
Transfer

2031 kB
Size

6
Cookies

84 HTTP transactions
3 data transactions