safaricom.zerod.live Open in urlscan Pro
91.241.94.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://safaricom.zerod.live/
Effective URL:
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3...
Submission: On April 26 via manual (April 26th 2022, 5:03:14 pm UTC) from NG — Scanned from DE

Summary HTTP 72 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 18 domains to perform 72 HTTP transactions. The main IP is 91.241.94.160, located in Greece and belongs to UPSTREAM-AS Greece, GR. The main domain is safaricom.zerod.live.

This is the only time safaricom.zerod.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 27	91.241.94.160 91.241.94.160	49582 (UPSTREAM-...) (UPSTREAM-AS Greece)
1	196.201.213.123 196.201.213.123	33771 (SAFARICOM...) (SAFARICOM-LIMITED)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14d1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	81.17.55.113 81.17.55.113	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.66.248.4 18.66.248.4	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
6	2a00:1450:400... 2a00:1450:400e:801::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	() ()
9	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4014:80e::2001	() ()
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	() ()
1 1	2a00:1450:400... 2a00:1450:4001:829::2004	() ()
1	141.226.228.48 141.226.228.48	() ()
72	23

27 91.241.94.160 (Greece) 6 redirects

ASN49582 (UPSTREAM-AS Greece, GR)

safaricom.zerod.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 196.201.213.123 (Nairobi, Kenya)

ASN33771 (SAFARICOM-LIMITED, KE)
PTR: 196-201.213-123.safaricom.co.ke

header.safaricombeats.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ads.projectagoraservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14d1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.projectagora-adtag-library.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-4.dus51.r.cloudfront.net

cdn.kdaimo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400e:801::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4014:80e::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	zerod.live 6 redirects safaricom.zerod.live	361 KB
10	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1022 trc.taboola.com images.taboola.com am-trc-events.taboola.com	195 KB
9	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 394 ib.adnxs.com — Cisco Umbrella Rank: 226 cdn.adnxs.com — Cisco Umbrella Rank: 1322 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8453	48 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	34 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	45 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	54 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1792	24 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 4212	412 B
2	projectagora-adtag-library.com cdn.projectagora-adtag-library.com — Cisco Umbrella Rank: 43492	131 KB
2	projectagoraservices.com ads.projectagoraservices.com — Cisco Umbrella Rank: 24267	8 KB
1	google.com 1 redirects www.google.com	299 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	37 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 778	366 B
1	kdaimo.com cdn.kdaimo.com — Cisco Umbrella Rank: 40341	3 KB
1	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1336	341 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	2 KB
1	safaricombeats.co.ke header.safaricombeats.co.ke	945 B
72	18

	Domain	Requested by
27	safaricom.zerod.live	6 redirects safaricom.zerod.live
6	googleads.g.doubleclick.net	cdn.projectagora-adtag-library.com googleads.g.doubleclick.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net
4	cdn.taboola.com	safaricom.zerod.live cdn.taboola.com
4	fra1-ib.adnxs.com	cdn.projectagora-adtag-library.com safaricom.zerod.live cdn.adnxs.com
3	trc.taboola.com	cdn.taboola.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	pagead2.googlesyndication.com	cdn.projectagora-adtag-library.com googleads.g.doubleclick.net www.googletagservices.com
2	images.taboola.com
2	ib.adnxs.com	cdn.projectagora-adtag-library.com
2	script.4dex.io	cdn.projectagora-adtag-library.com script.4dex.io
2	adx.adform.net	cdn.projectagora-adtag-library.com
2	cdn.projectagora-adtag-library.com	ads.projectagoraservices.com cdn.projectagora-adtag-library.com
2	secure.adnxs.com
2	ads.projectagoraservices.com	safaricom.zerod.live
1	am-trc-events.taboola.com
1	www.google.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	cdn.adnxs.com	cdn.projectagora-adtag-library.com
1	onetag-sys.com	cdn.projectagora-adtag-library.com
1	cdn.kdaimo.com	cdn.projectagora-adtag-library.com
1	prg.smartadserver.com	cdn.projectagora-adtag-library.com
1	cdn.jsdelivr.net	cdn.projectagora-adtag-library.com
1	header.safaricombeats.co.ke	safaricom.zerod.live
72	26

This site contains no links.

Subject Issuer	Validity	Valid
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
cdn.projectagora-adtag-library.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.kdaimo.com Amazon	`2021-10-28` - `2022-11-26`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Frame ID: BE295D080B30752C09E5F5438812EADA
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: CF006395BB888EBD3A13FA4FF190B96E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 5DF87341A6831EDB500FAEA1D5618774
Requests: 7 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/safaricomzerod300x250mena-r22137985/loader.js
Frame ID: 1B509CA2B5B565068A4345AC765EFCF2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E7ADC9D895933BFDE42E3E05786964A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js
Frame ID: 4C36BB6F6BC82C608D509CE81C04BD97
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZeroD - Always ON

Page URL History Show full URLs

http://safaricom.zerod.live/ HTTP 301
http://safaricom.zerod.live/zerod-web/r/landing/ HTTP 302
http://safaricom.zerod.live/zerod-web/e/landing Page URL
http://safaricom.zerod.live/zerod-web/r/landing2?id=&beatserr=821 HTTP 302
http://safaricom.zerod.live/zerod-web/a/token?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2... HTTP 302
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

72
Requests

64 %
HTTPS

52 %
IPv6

18
Domains

26
Subdomains

23
IPs

8
Countries

941 kB
Transfer

2221 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://safaricom.zerod.live/ HTTP 301
http://safaricom.zerod.live/zerod-web/r/landing/ HTTP 302
http://safaricom.zerod.live/zerod-web/e/landing Page URL
http://safaricom.zerod.live/zerod-web/r/landing2?id=&beatserr=821 HTTP 302
http://safaricom.zerod.live/zerod-web/a/token?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821 HTTP 302
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://safaricom.zerod.live/ HTTP 301
http://safaricom.zerod.live/zerod-web/r/landing/ HTTP 302
http://safaricom.zerod.live/zerod-web/e/landing

Request Chain 2

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345 HTTP 302
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Request Chain 10

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345 HTTP 302
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

landing Show response
safaricom.zerod.live/zerod-web/e/
Redirect Chain

http://safaricom.zerod.live/
http://safaricom.zerod.live/zerod-web/r/landing/?
http://safaricom.zerod.live/zerod-web/e/landing

4 KB
2 KB

96ms
94ms

Document
text/html

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

f871945d47ccc8d1218b233a1f58379d7722f365b9ce9bc7d0019496d03503aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Tue, 26 Apr 2022 17:03:08 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Language: de-DE
Content-Length: 0
Date: Tue, 26 Apr 2022 17:03:07 GMT
Expires: 0
Location: http://safaricom.zerod.live/zerod-web/e/landing
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 style.css
safaricom.zerod.live/zerod-web/resources/ 31 KB
8 KB 74ms
73ms Stylesheet
text/css 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/zerod-web/resources/style.css
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: df43cf209813fae4d5c5825f999486ff9ae500e75c66e97a5e68c690fea69081

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 26 Apr 2022 17:03:08 GMT
Cache-Control: max-age=600
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1

200

fetch Show response
safaricom.zerod.live/data-rewards/api/v1/resource/
Redirect Chain

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

116 KB
117 KB

59ms
59ms

Script
application/javascript

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

824d720c6405a229043f7457b4d7ddcf5f8cbb84625c6fa23d60f1bf21578faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:08 GMT
X-Content-Type-Options: nosniff
ETag: "invocate-ad-0.1.361.js"
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Range: bytes 0-119235/119236
Content-Disposition: inline;filename="invocate-ad-0.1.361.js"
Connection: keep-alive
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 119236
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60
Expires: 1650992588846600000

Redirect headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Location: ./fetch?name=invocate-ad-0.1.361.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60

GET
H/1.1 200
OK forward
safaricom.zerod.live/ga-proxy/ 39 B
39 B 131ms
131ms Image
text/plain 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/ga-proxy/forward?v=1&_v=j66&t=pageview&_s=1&dl=/zerod-web/e/landing&je=0&_u=IEBAAEAB~&cid=unknown&tid=UA-147729356-1&_r=1
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:08 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0

GET
H/1.1 200 pixel
safaricom.zerod.live/zerod-core/api/v1/event/log/ 42 B
455 B 87ms
87ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/event/log/pixel?type=PAGEVIEW&url=/zerod-web/e/landing&metadata=

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 1 KB
1 KB 62ms
62ms Image
image/png 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=logo-default.png

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

8d591022363d0eb71a769805939c4d2bdb37b67671703871e00fb41cc97e653d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1167
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 2 KB
2 KB 58ms
58ms Image
image/png 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=mno-logo-h.png

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

9cab404a239f93927c6c6cc6c16679e07751758068231cc53b5aba5acb8210c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1902
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 87 KB
87 KB 62ms
62ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=KSZspinner.gif

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

1b8fc659321ea327b1cdf963a29b1c0d333f0a31bd1b87c55ace5d3d4c776d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/landing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:08 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 88632
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
header.safaricombeats.co.ke/ 432 B
945 B 1065ms
189ms XHR
text/xml 196.201.213.123
SAFARICOM-LIMITED

General

Check archive.org

Show headers Download Go to

Full URL: http://header.safaricombeats.co.ke/
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing
Protocol: HTTP/1.1
Server: 196.201.213.123 Nairobi, Kenya, ASN33771 (SAFARICOM-LIMITED, KE),
Reverse DNS: 196-201.213-123.safaricom.co.ke
Software: Web Server / PHP/8.0.7
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:10 GMT
Server: Web Server
X-Powered-By: PHP/8.0.7
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: *
Server-Timing: dtSInfo;desc="0", dtRpid;desc="1120421579", dtTao;desc="1"
Connection: Keep-Alive
Timing-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Content-Length: 432

GET
H/1.1

200

Primary Request switch_to_data Show response
safaricom.zerod.live/zerod-web/e/
Redirect Chain

http://safaricom.zerod.live/zerod-web/r/landing2?id=&beatserr=821
http://safaricom.zerod.live/zerod-web/a/token?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821
http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603

3 KB
2 KB

97ms
97ms

Document
text/html

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

83837b8c242b342b60e7f5fa9fb00fe8adf4b39bcf66f4a8470f12372e0fe8e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://safaricom.zerod.live/zerod-web/e/landing
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Tue, 26 Apr 2022 17:03:10 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
Date: Tue, 26 Apr 2022 17:03:09 GMT
Expires: 0
Location: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 style.css
safaricom.zerod.live/zerod-web/resources/ 31 KB
8 KB 63ms
62ms Stylesheet
text/css 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/zerod-web/resources/style.css
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: df43cf209813fae4d5c5825f999486ff9ae500e75c66e97a5e68c690fea69081

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 26 Apr 2022 17:03:10 GMT
Cache-Control: max-age=600
Content-Disposition: inline;filename=f.txt
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1

200

fetch Show response
safaricom.zerod.live/data-rewards/api/v1/resource/
Redirect Chain

http://safaricom.zerod.live/data-rewards/api/v1/resource/latest?name=invocate-ad.js&cb=112345
http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

116 KB
117 KB

60ms
60ms

Script
application/javascript

91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://safaricom.zerod.live/data-rewards/api/v1/resource/fetch?name=invocate-ad-0.1.361.js

Requested by

Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

824d720c6405a229043f7457b4d7ddcf5f8cbb84625c6fa23d60f1bf21578faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:09 GMT
X-Content-Type-Options: nosniff
ETag: "invocate-ad-0.1.361.js"
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Range: bytes 0-119235/119236
Content-Disposition: inline;filename="invocate-ad-0.1.361.js"
Connection: keep-alive
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 119236
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60
Expires: 1650992590915600000

Redirect headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:09 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Location: ./fetch?name=invocate-ad-0.1.361.js
Cache-Control: no-cache, no-store
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 0
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=60

GET
H/1.1 200
OK forward
safaricom.zerod.live/ga-proxy/ 39 B
39 B 338ms
282ms Image
text/plain 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/ga-proxy/forward?v=1&_v=j66&t=pageview&_s=1&dl=/zerod-web/e/switch_to_data?origin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26beatserr%3D821%26code%3D603&je=0&_u=IEBAAEAB~&cid=61ab096f-aa2b-4a6c-9a28-2d69dae8e6d0&tid=UA-147729356-1&_r=1
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:11 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0

GET
H/1.1 200 pixel
safaricom.zerod.live/zerod-core/api/v1/event/log/ 42 B
455 B 181ms
123ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/event/log/pixel?type=PAGEVIEW&url=/zerod-web/e/switch_to_data?origin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&metadata=

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:10 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: 0

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 3 KB
4 KB 121ms
64ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=logo-default.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

d8cd910002cc957350dfc2bab7d2aaf9a51597aac51aaa036929a147dba5c014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:10 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 3314
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 1 KB
2 KB 125ms
66ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=wifi-off.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

912fba92be2e04c0069d92bf1450d896425ee4a2491c930a2632ddb761642e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:10 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1429
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 878 B
1 KB 63ms
62ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=switch-arrow.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

b4afe8fb8c912a034e0d39380f91bacde77ca02c22527ad8e3933fb6e4835968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:10 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 878
X-XSS-Protection: 1; mode=block

GET
H/1.1 200 fetch
safaricom.zerod.live/zerod-core/api/v1/resource/ 1 KB
2 KB 62ms
61ms Image
image/svg+xml 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://safaricom.zerod.live/zerod-core/api/v1/resource/fetch?name=data.svg

Requested by

Protocol

HTTP/1.1

Server

91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),

Reverse DNS

Software

Resource Hash

2d94e7d84f6cceab3387efe1f9e97bb88ae9f705892baab21b4181c9a7804be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:10 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 1206
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK asyncjs.php Show response
safaricom.zerod.live/www/delivery/ 4 KB
3 KB 121ms
119ms Script
text/javascript 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 51567fa9aed529afecdac846ddf4897271cd94aeab45c4e992dbe20339814882

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:11 GMT
Content-Encoding: gzip
P3P: CP="CUR ADM OUR NOR STA NID"
ETag: 6567aac3aa5b505592b1d50e7d53718c
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Expire: Tue, 26 Apr 2022 18:03:11 GMT

GET
H/1.1 200
OK asyncspc.php Show response
safaricom.zerod.live/www/delivery/ 2 KB
1 KB 401ms
401ms XHR
application/json 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to

Full URL: http://safaricom.zerod.live/www/delivery/asyncspc.php?zones=8527%7C8528&prefix=revive-0-&loc=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&referer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Flanding
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: e4ee49a195ed8cdf822d0b0f610e09f2653e202c6b441ecd4277675dbb6fc66e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: application/json
Expires: 0

GET
H/1.1 200
OK / Show response
ads.projectagoraservices.com/ 12 KB
4 KB 273ms
74ms Script
application/javascript 2a02:26f0:3500:11::215:14c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.projectagoraservices.com/?id=17499
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:11::215:14c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d78a070d2001440115e55d8a881b9df8530b0de2b2dd116af1b02f30d40685bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3846
Expires: Tue, 26 Apr 2022 17:03:12 GMT

GET
H/1.1 200
OK / Show response
ads.projectagoraservices.com/ 12 KB
4 KB 246ms
41ms Script
application/javascript 2a02:26f0:3500:11::215:14c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.projectagoraservices.com/?id=16277
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/www/delivery/asyncjs.php
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:11::215:14c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f0ea41c6ebc4bfb9f3dbe0129097640f019f2ef833ae46b715a95ae8ddb44409

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3901
Expires: Tue, 26 Apr 2022 17:03:12 GMT

GET
H/1.1 200
OK lg.php
safaricom.zerod.live/www/delivery/ 43 B
722 B 115ms
115ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/www/delivery/lg.php?bannerid=83140&campaignid=14123&zoneid=8527&loc=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&referer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Flanding&cb=12e7829686
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK imptr
secure.adnxs.com/ 43 B
687 B 48ms
21ms Image
image/gif 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/imptr?id=63057&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 201dbb37-7820-4f29-a351-482688786076
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK lg.php
safaricom.zerod.live/www/delivery/ 43 B
722 B 105ms
105ms Image
image/gif 91.241.94.160
UPSTREAM-AS Greece

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://safaricom.zerod.live/www/delivery/lg.php?bannerid=83275&campaignid=14123&zoneid=8528&loc=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&referer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Flanding&cb=d4b6c0f8e5
Protocol: HTTP/1.1
Server: 91.241.94.160 , Greece, ASN49582 (UPSTREAM-AS Greece, GR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/zerod-web/e/switch_to_data?origin=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fr%2Flanding2%3Fid%3D%26beatserr%3D821&id=&beatserr=821&code=603
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK imptr
secure.adnxs.com/ 43 B
687 B 43ms
16ms Image
image/gif 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/imptr?id=63056&t=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: aa059723-1054-439e-8b2c-41b93417672a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pav2_6.6.3eca5d0.min.js Show response
cdn.projectagora-adtag-library.com/adtag6-6/ 33 KB
8 KB 118ms
18ms Script
text/javascript 2a02:26f0:3500:11::215:14d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/adtag6-6/pav2_6.6.3eca5d0.min.js
Requested by: Host: ads.projectagoraservices.com
URL: http://ads.projectagoraservices.com/?id=16277
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1077b4e81880c532ec050485f90b6a4d6c7696feec3eb753a8832b13a0ed5577

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:03:12 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 11:01:20 GMT
server: UploadServer
etag: "fb429cf2eb5cd2805daa316a36097148"
vary: Accept-Encoding
x-goog-hash: crc32c=DUZ9ZA==, md5=+0Kc8utc0oBdqjFqNglxSA==
content-type: text/javascript
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
cache-control: private, max-age=86400
x-amz-meta-
accept-ranges: bytes
x-guploader-uploadid: ADPycdviFmp6zPfoS0i6kRk5E-k6dQWpp9tw41S-0biGdNe4fEwHZE_7k9Xp1XAiFc_3OOz2qOEp8cmNaABMteJC6rfveQ
content-length: 7874

GET
H2 200 prebid.6-6.js Show response
cdn.projectagora-adtag-library.com/prebid6-6/latest/ 396 KB
122 KB 16ms
15ms Script
text/javascript 2a02:26f0:3500:11::215:14d1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag6-6/pav2_6.6.3eca5d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e6a2a41ceb893488e65f890b785daab9830ee269b8933debba8d0691115677e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:03:12 GMT
content-encoding: gzip
last-modified: Mon, 18 Apr 2022 09:22:57 GMT
server: UploadServer
etag: "682d2151bef7a1a09ddebf58f5750ee2"
vary: Accept-Encoding
x-goog-hash: crc32c=QcVLiw==, md5=aC0hUb73oaCd3r9Y9XUO4g==
content-type: text/javascript
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
cache-control: private, max-age=86400
x-amz-meta-
accept-ranges: bytes
x-guploader-uploadid: ADPycds8BPCpboS154nHDg5x1_3yRQfaslmiT30pcbLDmLkdpJXt4OimvkGmlwLbmsa6C_U770muFNCWyrmH4KpXBaCDP2x2OyXg
content-length: 124668

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 261ms
20ms Preflight 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://safaricom.zerod.live
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://safaricom.zerod.live
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 26 Apr 2022 17:03:12 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 57ms
27ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220426

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b3b6afaf28b5e500208c806b0e5bbe6e11890cf00ce3d0b48d9aa2154ff684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 26 Apr 2022 17:03:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7335
x-jsd-version: 1.0.1323
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19151-FRA, cache-iad-kiad7000179-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66a-WQWn9zNZRlNKlZFMbWRC1PCh0MU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTaVccQUEmaYjCoe7w7cwq8k5D7wG5FmTLn7JQXvVMyf88KmM%2BeA9ipZ1R%2BVze3mZUHYbIHTEexvPiLEbxZVUpeytA%2BNMDn32YgHUwmZQSOC1k3geYgRUOm4LghSX3c5s5COLJo8UNdwXj6QKlY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7020e3f7df4623af-ZRH
access-control-expose-headers: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
964 B 117ms
48ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:03:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020543
content-type: application/javascript
x-amz-request-id: tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2: tx0c810f9b689a43feb0d6c-0062543d8e
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEbmDSswsJ%2FrjBhmUQBAoq5DhJg7yGsF0FhsBEjYlL9ovG0pt2hHd9db0qPE7HwEHKYZTGDR5qeXJ2i7KI47R%2BCjyd92x2ePCaG4n6aHf6RQlXAE4tqRn7PB3MbwAHeCTHRiioDPnHZLkZ6u"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1649687875786561
cache-control: public, max-age=1800
cf-ray: 7020e3f838783748-MXP
expires: Tue, 26 Apr 2022 17:33:12 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
412 B 119ms
73ms XHR
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:03:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 339ms
320ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

195cd7900d8945030a4a08838c8108f5f6b07d1490b3a194a4a2261cb8e01faa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c151770c-449d-46ba-90b6-a5d8fe16b020
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
341 B 87ms
16ms XHR
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:03:12 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H2 200 min.js Show response
cdn.kdaimo.com/projectagora-483829/ 3 KB
3 KB 94ms
11ms Script
text/plain 18.66.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kdaimo.com/projectagora-483829/min.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/adtag6-6/pav2_6.6.3eca5d0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-4.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Apr 2022 01:00:55 GMT
server: AmazonS3
age: 86346
etag: "61e4dbcc663e6d945cd8b7db1c35a1e6"
x-cache: Hit from cloudfront
date: Mon, 25 Apr 2022 17:04:07 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 2849
x-amz-cf-id: c-3OR7BAxXn00hBwHe5Kv-WzztkxnuiKAJ2nwX3c-rxVUzqnBmpgDA==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 22 KB
13 KB 242ms
226ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

06a60d17c84381dde59841aafc274017858939890c31f8ce04a200e844a45748

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 26 Apr 2022 17:03:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a6f67bf7-0bd6-4c38-bdd1-6ac8cdcca4e8
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
366 B 76ms
49ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 153ms
91ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:03:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33007
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx0e1dd575d372445694ba1-00626095ab
x-amz-id-2: tx0e1dd575d372445694ba1-00626095ab
last-modified: Mon, 11 Apr 2022 14:37:55 GMT
server: cloudflare
etag: W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMMe%2BdqRzi9p69V0bpW37mlgeWshWm3g8giA%2Fv9%2BQu6eKvlJFxmyWJc2imMX9%2BVS0Ocwp7%2FjP4XTHNOUsAx6zJjYAwvBenVtPmVlKwdjZ6GG3WIvBYGXL74wcb05X5VPASpeAHCqQM1axQYl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1649687874851815
cf-ray: 7020e3f8da630e26-MXP
access-control-allow-headers: Authorization

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame CF00 13 KB
5 KB 62ms
29ms Document
text/html 2a00:1450:400e:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://safaricom.zerod.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 03:18:51 GMT
etag: 12223946614886178233
expires: Wed, 27 Apr 2022 03:18:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 5DF8 11 KB
5 KB 64ms
30ms Script
text/javascript 2a00:1450:400e:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2195
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4875
x-xss-protection: 0
server: cafe
etag: 7698967424627035244
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 26 Apr 2022 17:26:37 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 5DF8 85 KB
29 KB 82ms
17ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Tue, 26 Apr 2022 17:03:12 GMT
Content-Encoding: gzip
Age: 5299483
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21967-LGA, cache-cdg20746-CDG
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1650992593.918800,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 167686

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 5DF8 0
813 B 50ms
26ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=http%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fe%252Fswitch_to_data%253Forigin%253Dhttp%25253A%25252F%25252Fsafaricom.zerod.live%25252Fzerod-web%25252Fr%25252Flanding2%25253Fid%25253D%252526beatserr%25253D821%2526id%253D%2526beatserr%253D821%2526code%253D603&e=wqT_3QKXB-iXAwAAAwDWAAUBCNDLoJMGEPKzv5Di0a_8BRgAKjYJ2cwhqYWS6j8RUiHDzySW5j8ZAAAAwPUo9D8hUg0SACkRJNAxAAAA4HoU3j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jZ1wWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARFwY29kZT02MDOAAwCIAwGQAwCYAxegAwGqA-kBCr8Fw4BzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20NHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvRTAV9iPUFLQW1mLUJOWGNzY1E5X3piNFgwakE5cFpIRlBYZWE0ZzdzV0ZqZFdoZFc5QzdFTVZ4NXVjWFc4VE5LYjFjTTNYQXhWcTE5NC1nZUVZNDJ5YjJNclpETzVUcWRpc2RDaVFBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjQzMDMwMzI4MjA3OTk4MDAxOCIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE5My4yNy4xNC4yNqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABIbVtSLIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF-c6I5JGfjfRUwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuIAE-gUECAAQAJAGAJgGALgGAMEGAAABMyzwP9AG7o8B2gYWChABEC4BAKgQABgA4AYB8gYCCACABwGIBwCYBwGgBwGqBwwxMzM2ODk0NDM2NDW6Bw8IBSxEIAAwADi6BkAAyAfZ1wXSBw0JEU4BSgzaBwYIBQlE4AcA6gcCCADwB7X7A4oIAhAA&s=cfe97eee92f89dd4b7ffc18c69eb96e5dfa149b7

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 42b2a142-2a5e-4b51-adf5-c8722e3e3f0d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DF8 0
442 B 320ms
48ms Image
image/gif 2a00:1450:4001:82b::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Cs4FhAtaigKWOkde-v_Uw6pGPdy6aBIDMXQKwbtwOm08-U-XWZfLf6hWV8mNmkdTYEZpzFdeT7u_t1engpDrrZ5-ZThw

Requested by

Host: cdn.projectagora-adtag-library.com
URL: https://cdn.projectagora-adtag-library.com/prebid6-6/latest/prebid.6-6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:03:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 5DF8 0
813 B 32ms
32ms Script
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QKtMugtGQAAAwDWAAUBCNDLoJMGEPKzv5Di0a_8BRgAKjYJ2cwhqYWS6j8RUiHDzySW5j8ZAAAAwPUo9D8hUg0SACkRJNAxAAAA4HoU3j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jZ1wWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARH0KgFjb2RlPTYwM_ICDQoGSEVJR0hUEgMyNTDyAgwKBVdJRFRIEgMzMDDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhcKCklGUkFNRV9LRVkSCTc4ODQ2NDg3NfICvxUKC1BSRV9TQ1JJUFRTEq8VPHNjcmlwdD4oZnVuY3Rpb24oKXsvKgoKIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwp2YXIgaD10aGlzfHxzZWxmO3ZhciBrPUFycmF5LnByb3RvdHlwZS5pbmRleE9mP2Z1bmN0aW9uKGEsYyl7cmV0dXJuIEFycmF5LkItABAuY2FsbAEpJCx2b2lkIDApfToVzYhhLGMpe2lmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuIg0aACEVGsBjfHwxIT1jLmxlbmd0aD8tMTphLmluZGV4T2YoYywwKTtmb3IodmFyIGQ9MDtkPGEuCSlcO2QrKylpZihkIGluIGEmJmFbZF09PT1jDWgIIGQ7CXEsLTF9Oy8qCgogU1BEjjoBEcw4IGwoYSl7bFsiICJdKGEpDU4IIGF9CRMAPREoECgpe307EQ0EIG4BNQRhPSkaOD09PWE_ZG9jdW1lbnQ6YRVDJC5jcmVhdGVFbGUBGRgoImltZyIpHUUAcCFIdCxkKXthLmdvb2dsZV9pbWFnZV9yZXF1ZXN0c3x8KFoaABA9W10pOyEsFGI9bihhLhF8BCk7ISkEKXsBGgBlLroAGRcEZj1aUwBoLGc9ayhmLGIpOzA8PWcmJkFycmF5LnByb3RvIdsYLnNwbGljZUkVdGYsZywxKX1iLnJlbW92ZUV2ZW50TGlzdGVuZXImJlIXADQoImxvYWQiLGUsITEpO1IjAGI6ABBlcnJvcg07GH07Yi5hZGRCcwA-FAA-cAA-IAABbT4UAAAoNmoAHGIuc3JjPWM7WjEBGC5wdXNoKGIu0QEEcSgpfARhPTGSNC5jdXJyZW50U2NyaXB0TRoAKDI5AixudWxsOmEpJiYiNzdhSTxhLmdldEF0dHJpYnV0ZSgioTccLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHfBGcj1SZWdFeHAoIl5odHRwcz86Ly8oXFx3fC0pK1xcLmNkblxcLmFtcHByb2plY3RcXC4obmV0fG9yZykoXFw_fC98JCkiKTt5KwB0FeAAaAVhDGM9W10FCQRkPQHGDDtkb3tBexhiPWE7dHJ5BQwAZUGTGGU9ISFiJiYBJFAhPWIubG9jYXRpb24uaHJlZiliOnsBLZBsKGIuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobSl7fWU9ITF9AV4IZj1lGRcAZgEWDGlmKGYpeQBnPl4ADDtkPWJ1HyH0NUIkcmVmZXJyZXJ8fAGXJH1lbHNlIGc9ZCwNywBjKd8wbmV3IHUoZ3x8IiIpKQXVFGE9Yi5wYSHUGYYAYQX_TH19d2hpbGUoYSYmYiE9YSk7Yj0whdUAYZX2dC0xO2I8PWE7KytiKWNbYl0uZGVwdGg9YS1iO2I9aCErOR4BrjUqOGFuY2VzdG9yT3JpZ2luc24cAK1hAD0ddQApoVsUYT0xO2E8sYBMOysrYSlnPWNbYV0sZy51cmx8fCgFCC5CATp2ABRbYS0KMV0hDBgsZy5oPSEwAeMpIgBoGash1WXlAGclFiUCBGQ9MgQBHDA8PWQ7LS1kodhIZj1jW2RdLCFnJiZyLnRlc3QoZgGPICkmJihnPWYpLAUOLCYmIWYuaCl7Yj1mO0UbAH0NXQBkFeYEJiYBzAE7BDswQWUlWggmJmQFSAEbCCk7YwWtEHYoYixntegUYy5nP2MuBfoMOmMuaQFAAH215gB2oaEcKXt0aGlzLmlB1QEJCGc9YxkiAHUdIgh1cmwRJBRoPSEhYzsFLwWIJQq9-gB3dUkUdCgpLGM9-Qo8Ij8iKTtzZXRUaW1lb3V0KBGMDTEAZNlzGGQ_LjAxOmRBNUQhKE1hdGgucmFuZG9tKCk-ZClpDwxiPXEoIaQAImX_NDovLyIrKGImJiJ0cnVlgWsAYlZrBDgtcmNkIik_InBhZ2VhZDLNnRBzeW5kaWm5IC1jbi5jb20iOmYjAAUgDCkrIi8JRXgvZ2VuXzIwND9pZD1qY2EmamM9NzcmdmVyc2lvbj0ihUUMZT0oZQGxDCkmJmVamQANMTAiKXx8InVua25vd24iYeNcK2UrIiZzYW1wbGU9IitkO2I9d2luZG93BVgAZjk0FGY_ITE6ZiEzNGU9Yi5uYXZpZ2F0b3IpMg4AUC51c2VyQWdlbnQsZT0vQ2hyb21lL0mbIGUpJiYhL0VkZxkRHD8hMDohMTtlYZMVUTAuc2VuZEJlYWNvbj8KHWkdGCQoZCk6cChiLGQsIkUICZ4IKX19Dg4JFtYIKCAwPD1jP2Euc3ViFlEJHCgwLGMpOmF9CeAMLnJmbC7oBw01BGVuDvkKUFVSSUNvbXBvbmVudCh3KCkpfTt9KenBQZoQKTsKPC8apwpo8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5IVIMcG9zaaGxZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyDhS1WHSRRKWQJBNg0eLjICFGF3YmlkJgUG8IZfYj1BS0FtZi1DczRGaEF0YWlnS1dPa2RlLXZfVXc2cEdQZHk2YUJJRE1YUUt3YnR3T20wOC1VLVhXWmZMZjZoV1Y4bU5ta2RUWUVacHpGZGVUN3VfdDFlbmdwRHJyWjUtWlRodyIgYm9yZGVyPTAgd2lkdGg9MSBoZWlnaHQ9MSBhbHQ9IiIxGqhkaXNwbGF5Om5vbmUiPjwvZGl2PvICmQEKDFBPU1RfU0NSSVBUUxKIATxzEgIINggBFvYJUGFkcy5nLmRvdWJsZWNsaWNrLm5ldDEGPHhiZmVfYmFja2ZpbGwuanMBZS21DVMAPp0kHCB7cjNweCgnIpwMHCcpO30pKCk7PeoQ8hIKEEgBnTRQT1JUX1BBUkFNUxLdEpEjipQAOGFkZmV0Y2g_YWRrPTE2MAUC8FgyNSZhZHNhZmU9bWVkaXVtJmNsaWVudD1jYS1wdWItMzA3Njg5MDAxMjc0MTQ2NyZmb3JtYXQ9MzAweDI1MF9hcyZpcD0xOTMuMjcuMTQuMjYmb3V0cHV0PQ58DSgmdW52aWV3ZWRfcE2KIF9zdGFydD0xJqF1JnoOECZzdWJfDXoAYkGA9NIJci01NjU5NTY2JmhsPWRlJmFjZWlkPU1GY1h0QUJaR0xRQVJCbTBBS3dhdEFDWkc3UUEtVlUwQWJGck5BSHVjRFFCeUhJMEFWaHpOQUdtY3pRQnFYTTBBU2gxTkFGTGRUUUJWSFkwQWJCMk5BRzFkalFCRlhjMEFVaDNOQUZMZHpRQlUzYzBBV1YzTkFGb2R6UUJiSGMwQVhGM05BRjZkelFCZkhjMEFZcDNOQUdPZHpRQmtIYzBBWk4zTkFHVWR6UUJsM2MwQVpsM05BR2NkelFCbzNjMEFhUjNOQUZMYzBFQlUzTkJBWVA4MlFIdUhWd0NWQjVjQWlkQ3FnSW9RcW9DZ2tLcUFoSm9xZ0tiZXFvQ3NacXFBb0NicWdLQm02b0NncHVxQWtPaXFnS2lxS29DUmNDcUF2RExxZ0ppemFvQ0ZOR3FBbkRTcWdKcDA2b0NiTmlxQWp2WnFnSk8yYW9DVmQ2cUFxamdxZ0pDNGFvQ3hPT3FBczNqcWdJYzVhb0NvT1dxQWdfcHFnSzg3S29DWGU2cUFrN3lxZ0ltODZvQzhfV3FBdnIxcWdKYjlxb0NYZmFxQWtyNHFnTHEtYW9DSVBxcUFqZjZxZ0ltLTZvQ1F2dXFBa2Y3cWdKai02b0NtdnVxQWdmOHFnS3hfS29DLWYycUFtRC1xZ0tDX3FvQzd2LXFBbmdBcXdMaEFLc0NOUUtyQW1BQ3F3S3dBcXNDLWdLckFoWURxd0tCQTZzQ2V3U3JBcFVFcXdJckJxc0NSd2FyQWxBSXF3TE9jcm9DMWlZUUE2dXl4UVhRaGlNS1dySDdFam5ELXhKSnp2c1NuZEg3RXBQVi14S28ydnNTM3VMN0VudmoteExQNV9zU0NlajdFdERxLXhKeTdmc1MyLTM3RWlUdy14SWw4dnNTYWZQN0VnWDAteEpLOWZzU1ZmWDdFbG4yLXhMcTl2c1NHX2Y3RW9yMy14S205X3NTd2ZmN0VzUmMwQk1vb3VvVUQxdzNGX3BXYXhySXk3VXUxczYxTG1DSjRWayZleGs9Nzg4NDY0ODc1JmF3YmlkX2M9QUtBbWYtQmxReDYzdXVFQnRrVmRFOUhfbUlybmk1RmdfT2J1TUJmc3kydDU3bXhhX1NtVjFkRDIxOF9HNUwxX3AwODVaQzY3QVFKMERzZEpDc2V5NzY1aWhUQkNXelY5SjBDOV9pUXVmNHBvaGNfR1hvNFI4dF9SNWRjcTBMZXB2OUdEWmVfcjlZU0JNNThCTkg1bUVBemN0T2RwVkhFZmN4V2FnNVJyd3ljaFU3c0l3VFhPZlJNJmF3YmlkX2Q9QUtBbWYtQV9HVW1KWVFhaU9OZFlQMmpDdVZjell5RzFJVVJJSS0zR2IzWVhhb0tORWt6eURrRjlaaC0za0pkb0JJUFNvNEExcVdzSmdqSm1pLWNBSnRPSDJ4ZmFHZmVoMXNQRmlUa2ZjbmFxNUZJUHRYRmZLTGFkMlNyYXZieThmajVHSEhJRUZXRWI5ekpnOTUtcmQyTTlPajRiZUlrbDJJQVJsOW43Zms5d0ljQTdOU01EdUZ4NWlSWndvbnJueEp6MnhCVkZVeFF3a2lFQmc2Wnk2dEJqUHN1WF84aDJYTzg4ckU0ZktEUk5QUThaek83TUUwTkNzM2NrZTBPVWNmall4MW1RdGV2aXBNei15MG9IdGtXZFFmQ0cyRW5mYldVUVdEMGlTNkdVN01LcFFzLVhhV1JVLTRfbHBzQjR5bGszald1X1hnTTlRRkJxSzVUeFFvN245a2tVczBXTW56Zk9DVVR1bVdZbEdYVlcyNF9xNXVGR2lIaERNb2R0YWhmeFFsSVhWbjhZSndCUHhWY2pyRklFVHJoSGdCVWxhQWxKdW95MzhpNlR0LUZpZnJuMkpDcDlCZUdRVGcwcmpJZEgtWmFoQTh3MDVZNnVIbUp2Rkd2MEpoaEtOeGtKMU9oRExkckhMenh2V2U1MzVDN24yRzY0YlFMR3hZc0JvVjItUEptYXk2WXFPb2ZacXRwZFJvblZpc21ybTdzbExUYjItTS1pYkdyak5KXzVMck9oX1dlblRESW9zWURRcEhNWkRpUG5jX1pFNWZHM2huMjJRU1FSUVBVOFJ1OGVkTFhDRDZzeldFOFlsbjZDbnZ5MGNpWjIyaGs2dUdLLWdseFp2OWZrUFliQkFVVFhGU2FNVGh2bzg1aFJ2WU55alZ2MjlhbnkzMm1mNk1tNkk3ZExlUEVBLW1uemQtc0NOeFJxRnVjZ20xeXkyNXdoRGhER0RLWVBSTENYM003QzhZZ2lLSmdfb3BlSVd5SGV1NElLLTVNODRubFJMMXphUUtHbVJockQyZ3hPZFNVRTctYktIaUhYTVlxeHJxTWU0X2pwOUhURm5lbG5Uc0VPSVRRcjZBazNqT1J2VXJtSnRXenZSVTkydXlxaGt4WVhoODFWZVkzcmV2WFBqQkJCeTBCWU1TREdpeWhvYWJiQTl3OTJPbDZQZVpBRVZiQUZRaUdZWXM5aUo0ZDF0Y1dlUFRoc2NraXhha1dIN1BnSE9nQkZJaW40VGM0X0RvaUE5ZkswNlRqVVZzR3dFYzY4ZkxzVnlubHl6emtHMEYyaktIQU5qR0RhbEdkc0xBQ042QTk0dk03MUN2dDVPelZHa210M0c3dmlHWFNYVUJjYU9mVjR3TEtNSW85bU5HUmJJcTIyZ0FZNnFuQXdmQ3pkRzZ0a0hXaXkyNXRfYnBnbTltNEtiWTlkemVscENSRDF5MnNkMFVRN2lHTFFwVy1RS2VNclhQLTZvS29kanNybmhVV2VNRjY5UUljVjdyVlZsSklYNVo2ZFdXVTRXZkFySmVDWVh2YWRqTzlMJmNpZD1DQUFTQk9Sby1yQSZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE5My4yNy4xNC4yNqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABIbVtSLIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF-c6I5JGfjfRUwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuIAE-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAaoHDDEzMzY4OTQ0MzY0NboHDwgAEAAYACAAMAA4ugZAAMgH2dcF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Ae1-wOKCAIQAA..&s=e5b9d0122a9792305297bb1532d14cb71448ffd0&bdref=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&bdtop=true&bdifs=1&bstk=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603,http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3dca8417-207f-400e-bf6d-29715c6c0595
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame CF00 98 KB
35 KB 80ms
79ms XHR
text/html 2a00:1450:400e:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e8d9588abbf925ae71617673a387c759bca192ce7a38668bc88576dc256a9fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 26 Apr 2022 17:03:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35511
x-xss-protection: 0

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 5DF8 0
839 B 24ms
24ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QKXB-iXAwAAAwDWAAUBCNDLoJMGEPKzv5Di0a_8BRgAKjYJ2cwhqYWS6j8RUiHDzySW5j8ZAAAAwPUo9D8hUg0SACkRJNAxAAAA4HoU3j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jZ1wWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARFwY29kZT02MDOAAwCIAwGQAwCYAxegAwGqA-kBCr8Fw4BzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20NHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvRTAV9iPUFLQW1mLUJOWGNzY1E5X3piNFgwakE5cFpIRlBYZWE0ZzdzV0ZqZFdoZFc5QzdFTVZ4NXVjWFc4VE5LYjFjTTNYQXhWcTE5NC1nZUVZNDJ5YjJNclpETzVUcWRpc2RDaVFBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjQzMDMwMzI4MjA3OTk4MDAxOCIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE5My4yNy4xNC4yNqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABIbVtSLIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF-c6I5JGfjfRUwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuIAE-gUECAAQAJAGAJgGALgGAMEGAAABMyzwP9AG7o8B2gYWChABEC4BAKgQABgA4AYB8gYCCACABwGIBwCYBwGgBwGqBwwxMzM2ODk0NDM2NDW6Bw8IBSxEIAAwADi6BkAAyAfZ1wXSBw0JEU4BSgzaBwYIBQlE4AcA6gcCCADwB7X7A4oIAhAA&s=cfe97eee92f89dd4b7ffc18c69eb96e5dfa149b7&type=nv&nvt=5&jm=1003&px=647&py=205&bw=300&bh=250&sid=6732745811370279031&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23351023&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:12 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b169eab3-251a-4610-b250-c67bcc7f8597
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK loader.js Show response
cdn.taboola.com/libtrc/safaricomzerod300x250mena-r22137985/ Frame 1B50 75 KB
20 KB 41ms
18ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.taboola.com/libtrc/safaricomzerod300x250mena-r22137985/loader.js
Requested by: Host: safaricom.zerod.live
URL: http://safaricom.zerod.live/zerod-web/e/landing
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 039d349ab4c714a342f97cd4084ee6c95a14a15e101d53e7ca36e891c1800edb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: mLiSgt4.HN99mY7Mq8DxXX21DVvzy.7g
Content-Encoding: gzip
ETag: "f4ffbc90b7536f3536876561432b7483"
Age: 3103
X-Cache: HIT
Connection: keep-alive
Content-Length: 20142
x-amz-id-2: 3WWaeFxbF49RZqx0u3v7HCsppvDAALqdQn2IIX6X191b/icsrv+WbIfib3BexmR15fHXemNCyQc=
X-Served-By: cache-cdg20734-CDG
Last-Modified: Tue, 26 Apr 2022 12:17:55 GMT
Server: AmazonS3
X-Timer: S1650992593.002919,VS0,VE1
Date: Tue, 26 Apr 2022 17:03:13 GMT
Vary: Accept-Encoding
x-amz-request-id: 3089QGZBSEKSJB6Q
Via: 1.1 varnish
Cache-Control: private,max-age=14401
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
abp: 71
X-Cache-Hits: 1

GET
H2 200 5baa728a4cf4b2cbcc891e962e37f4f2.js Show response
www.gstatic.com/mysidia/ Frame CF00 14 KB
5 KB 36ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5baa728a4cf4b2cbcc891e962e37f4f2.js?tag=client_fast_engine

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea9a8d20533707e95afc9cc9c41d83a272b6ec9ee5030d3b81e637f4f97f82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5507
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 08:27:39 GMT

GET
H2 200 551a410f22968205b8739ba20bcf63c7.js Show response
www.gstatic.com/mysidia/ Frame CF00 11 KB
5 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/551a410f22968205b8739ba20bcf63c7.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7966d708efd9cb7821ca56686773681876cd9fc4effd960eeef97797e5e27329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4552
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 08:27:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CF00 8 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:16:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 26 Apr 2022 17:03:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Apr 2022 17:03:13 GMT

GET
H2 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame CF00 2 KB
1 KB 86ms
30ms Script
text/javascript 2a00:1450:4014:80e::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 15:07:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1201
x-xss-protection: 0
server: cafe
etag: 17441257144546641969
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 May 2022 15:07:44 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/ Frame CF00 25 KB
10 KB 79ms
24ms Script
text/javascript 2a00:1450:4014:80e::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 14:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 May 2022 14:56:04 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame CF00 3 KB
2 KB 85ms
31ms Script
text/javascript 2a00:1450:4014:80e::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 May 2022 16:41:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF00 119 KB
37 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Apr 2022 17:03:13 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/ Frame CF00 19 KB
8 KB 81ms
27ms Script
text/javascript 2a00:1450:4014:80e::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220421/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4014:80e::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7667
x-xss-protection: 0
server: cafe
etag: 7504708142712926003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 May 2022 17:01:09 GMT

GET
H2 200 617b63f321f8765d5e5b029f2733e5f4.js Show response
www.gstatic.com/mysidia/ Frame CF00 39 KB
15 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/617b63f321f8765d5e5b029f2733e5f4.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b50a75198d34e4ad82efa4840a3c3c0d319203db9c65295a9a763ebfd0e999dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 08:27:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15048
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 08:27:39 GMT

GET
H2 200 impl.20220426-17-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 1B50 625 KB
130 KB 41ms
22ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220426-17-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/safaricomzerod300x250mena-r22137985/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1eb40459f7d28606de5383815b6eddead5830cd30726da7ac53c489d4fc2a6cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: oLUIG63lh9__ZgX6gYNLDWSIw9XRKZ2z
content-encoding: br
etag: "d196362c552266cb9556b34cb8d771f2"
age: 18393
x-cache: HIT
content-length: 132326
x-amz-id-2: ylTPpzijG+7Ty30PDeOAK8/pR4LLvm2W6iBAPb3jLwYcdUOYepzgt85kM0UJ5RAcd0At65MLw2k=
x-served-by: cache-hhn4033-HHN
last-modified: Tue, 26 Apr 2022 11:55:22 GMT
server: AmazonS3-br
x-timer: S1650992593.072838,VS0,VE0
date: Tue, 26 Apr 2022 17:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: XN08H50X2A2RKG3E
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 27
x-cache-hits: 12750

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF00 0
20 B 61ms
61ms Image
text/html 2a00:1450:400e:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVxZC0CVoYuOUKrSvzAaV8Z_IBYqxmdFp8qD8kOwPv8qivcABEAEg5pfWJWCVoqCCsAegAbXszs8DyAEBqQKf-_EO8umxPqgDAcgDywSqBMMBT9DhT25cNs6NN6HMw4odmE2jBZnJddhBM6_20WBiEnFvYly56UCUCldYXmIsh5CB8L5fgsoiZZ6YnLlIt9BFc_AhPv9qBcDWwtrSTnaX1HKfJFUKxpFLIX2WJofX9CVbrPJJDmq0bLZB2_j7VcORbTnCQ3Iczcn7RlrI9jvsfVw9ZtP-IiE-McNKh3brM2Li-3cXlt7k6Ab9grOcgk_HskZLNkGh3N6yyuR_T41F4Hw-mOoai-T7A17uI6cwQtLJVXTxwAS9ioyE8gOSBQQIBBgBkgUECAUYBIAHkc3KowOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAdIICQiA4YAQEAEYAPIIDmJpZGRlci01NjU5NTY2gAoEyAsB2BMNiBQB0BUBgBcBshcICgYIABIAGAA&sigh=CblVGyhS8QU&uach_m=[UACH]&pr=10:0.830386&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 26 Apr 2022 17:03:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 26 Apr 2022 17:03:13 GMT

GET
H2 200 json Show response
trc.taboola.com/safaricomzerod300x250mena-r22137985/trc/3/ Frame 1B50 3 KB
2 KB 172ms
157ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/safaricomzerod300x250mena-r22137985/trc/3/json?tim=17%3A03%3A13.127&lti=deflated&data=%7B%22id%22%3A270%2C%22ii%22%3A%22%2Fzerod-web%2Fe%2Fswitch_to_data%3Fid%3D%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1650975433337%2C%22vi%22%3A1650992593124%2C%22cv%22%3A%2220220426-17-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603%22%2C%22vpi%22%3A%22%2Fzerod-web%2Fe%2Fswitch_to_data%3Fid%3D%22%2C%22e%22%3A%22http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Flanding%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2222137985%22%2C%22orig_uip%22%3A%2222137985%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fzerod-web%2Fe%2Fswitch_to_data%3Fid%3D%2C22137985%3Dthumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220426-17-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 391db2dcd6d1241e22710e40cdbabe8ad2dfe922534e30bce879c4d9066529f2

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 150
date: Tue, 26 Apr 2022 17:03:13 GMT
content-encoding: gzip
server: nginx
x-timer: S1650992593.148177,VS0,VE150
x-served-by: cache-hhn4033-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://safaricom.zerod.live
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E7A 143 B
163 B 23ms
23ms Document
text/html 2a00:1450:400e:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 16:29:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CF00 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04f3ede922867682c83c1cd84c4d8edce5a7af278a57595fde7fa19af46a77df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame CF00 28 KB
28 KB 39ms
9ms Font
font/woff2 2a00:1450:4001:808::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 586173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:13:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E7A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

57ms
56ms

Document
text/html

2a00:1450:400e:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 17:03:13 GMT
expires: Tue, 26 Apr 2022 17:03:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 26 Apr 2022 17:03:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 userx.20220426-17-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 1B50 17 KB
6 KB 18ms
17ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220426-17-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/safaricomzerod300x250mena-r22137985/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b5b5d005ee60000a2b0e95717ee1d7d7faf25bb578772b648e8b45ced6d1ca5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: AQdNIKLu3ma9gFzydbGIYWRj1gN6V3ub
content-encoding: gzip
etag: "4b93e602c0f2a08bbd8038866b9a8c51"
age: 17371
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5398
x-amz-id-2: 9/qNPmQbYTCdkpBL4nyf5ON+p23BGqB4ZIqa1LNnYqhwhFJV/eTCK+hFADQNDO/oN+3YpWVhfo8=
x-served-by: cache-hhn4033-HHN
last-modified: Tue, 26 Apr 2022 12:08:10 GMT
server: AmazonS3
x-timer: S1650992593.324552,VS0,VE0
date: Tue, 26 Apr 2022 17:03:13 GMT
vary: Accept-Encoding
x-amz-request-id: E7GDT7H47W3G0JHJ
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 27
x-cache-hits: 6277

GET
H2 200 profile%3Aezone-teaser620x348%3Fsource
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i3-img.prosieben.de/pis/ezone/af47qgELBzZ_waV9V4ynsPl9Xpy8O3hdBAB27mMreMGSh3U92v3... Frame 1B50 17 KB
18 KB 988ms
987ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i3-img.prosieben.de/pis/ezone/af47qgELBzZ_waV9V4ynsPl9Xpy8O3hdBAB27mMreMGSh3U92v3Ua77CMmGlx-3WSjBRKLl8g1wb8fNSfiYI60Tvex0Cj6OSCgsrY6YobV07ZW0ZUTvHYWwaOQ-vwPIYobeTKvJheMmueDzBH-2sQ_VBYja2wSH0QNkEj8AkAgHf5DJ6LStpMNNwvuvYmA/profile%3Aezone-teaser620x348%3Fsource
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: caf56b19948f4628c5a8ee7502bfc4c6b6f034422d440ea532ce7100ce7c1b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-vcl-time-ms: 967
date: Tue, 26 Apr 2022 17:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 489653043221149784808819694835649316172,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 489653043221149784808819694835649316172,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 834
x-cache: MISS, MISS, MISS, MISS, MISS
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i3-img.prosieben.de/pis/ezone/af47qgELBzZ_waV9V4ynsPl9Xpy8O3hdBAB27mMreMGSh3U92v3Ua77CMmGlx-3WSjBRKLl8g1wb8fNSfiYI60Tvex0Cj6OSCgsrY6YobV07ZW0ZUTvHYWwaOQ-vwPIYobeTKvJheMmueDzBH-2sQ_VBYja2wSH0QNkEj8AkAgHf5DJ6LStpMNNwvuvYmA/profile%3Aezone-teaser620x348%3Fsource
content-length: 17698
x-request-id: e4757832414ad71b8328e8baac90cbac
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 19 Apr 2022 14:33:52 GMT
server: nginx
x-timer: S1650992593.334435,VS0,VE967
etag: "cb6cb242cab4cf90cdf927d402de7d21"
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kjyo7100115-IAD, cache-chi-kigq8000149-CHI, cache-iad-kiad7000146-IAD, cache-hhn4033-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H2 204 debug
am-trc-events.taboola.com/safaricomzerod300x250mena-r22137985/log/2/ Frame 1B50 0
90 B 179ms
14ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/safaricomzerod300x250mena-r22137985/log/2/debug?tim=17%3A03%3A13.348&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=3288&cv=20220426-17-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 17:03:13 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14570

GET
H3 200 JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C36 35 KB
13 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JAPUMHT_zNnrVfwA4fX3UESFQekER8YYbnBYivkpjVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 15:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13448
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 15:19:17 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 5DF8 0
839 B 30ms
30ms Ping
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=http%3A%2F%2Fsafaricom.zerod.live%2Fzerod-web%2Fe%2Fswitch_to_data%3Forigin%3Dhttp%253A%252F%252Fsafaricom.zerod.live%252Fzerod-web%252Fr%252Flanding2%253Fid%253D%2526beatserr%253D821%26id%3D%26beatserr%3D821%26code%3D603&e=wqT_3QKXB-iXAwAAAwDWAAUBCNDLoJMGEPKzv5Di0a_8BRgAKjYJ2cwhqYWS6j8RUiHDzySW5j8ZAAAAwPUo9D8hUg0SACkRJNAxAAAA4HoU3j8w752RCzilFUDlHkhlUKGf6SRYuKyWAWAAaLO3K3jZ1wWAAQGKAQNVU0SSAQEG8JWYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAvu1XOoCrQFodHRwOi8vc2FmYXJpY29tLnplcm9kLmxpdmUvemVyb2Qtd2ViL2Uvc3dpdGNoX3RvX2RhdGE_b3JpZ2luPWh0dHAlM0ElMkYlMkZzYWZhcmljb20uemVyb2QubGl2ZSUyRnplcm8FRrAlMkZyJTJGbGFuZGluZzIlM0ZpZCUzRCUyNmJlYXRzZXJyJTNEODIxJmlkPSYREwA9ARFwY29kZT02MDOAAwCIAwGQAwCYAxegAwGqA-kBCr8Fw4BzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20NHkQvZ2VuXzIwND9pZD1hd2JpZCYFBvRTAV9iPUFLQW1mLUJOWGNzY1E5X3piNFgwakE5cFpIRlBYZWE0ZzdzV0ZqZFdoZFc5QzdFTVZ4NXVjWFc4VE5LYjFjTTNYQXhWcTE5NC1nZUVZNDJ5YjJNclpETzVUcWRpc2RDaVFBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjQzMDMwMzI4MjA3OTk4MDAxOCIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDDE5My4yNy4xNC4yNqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABIbVtSLIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF-c6I5JGfjfRUwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFuIAE-gUECAAQAJAGAJgGALgGAMEGAAABMyzwP9AG7o8B2gYWChABEC4BAKgQABgA4AYB8gYCCACABwGIBwCYBwGgBwGqBwwxMzM2ODk0NDM2NDW6Bw8IBSxEIAAwADi6BkAAyAfZ1wXSBw0JEU4BSgzaBwYIBQlE4AcA6gcCCADwB7X7A4oIAhAA&s=cfe97eee92f89dd4b7ffc18c69eb96e5dfa149b7&type=pv&jm=1003&px=647&py=205&bw=300&bh=250&sf=1&sid=6732745811370279031&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23351023&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Apr 2022 17:03:14 GMT
X-Proxy-Origin: 193.27.14.26; 193.27.14.26; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 69b5c9de-d85a-4ddd-b611-ba0b3839cf8d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://safaricom.zerod.live
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 profile%3Aezone-teaser620x348%3Fsource
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i3-img.prosieben.de/pis/ezone/af47qgELBzZ_waV9V4ynsPl9Xpy8O3hdBAB27mMreMGSh3U92v3... Frame 1B50 17 KB
17 KB 10ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i3-img.prosieben.de/pis/ezone/af47qgELBzZ_waV9V4ynsPl9Xpy8O3hdBAB27mMreMGSh3U92v3Ua77CMmGlx-3WSjBRKLl8g1wb8fNSfiYI60Tvex0Cj6OSCgsrY6YobV07ZW0ZUTvHYWwaOQ-vwPIYobeTKvJheMmueDzBH-2sQ_VBYja2wSH0QNkEj8AkAgHf5DJ6LStpMNNwvuvYmA/profile%3Aezone-teaser620x348%3Fsource
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: caf56b19948f4628c5a8ee7502bfc4c6b6f034422d440ea532ce7100ce7c1b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 26 Apr 2022 17:03:14 GMT
via: 1.1 varnish, 1.1 varnish
age: 0
edge-cache-tag: 489653043221149784808819694835649316172,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
cache-tag: 489653043221149784808819694835649316172,341818766630488423269086991181948173068,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 834
x-cache: MISS, MISS, MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i3-img.prosieben.de/pis/ezone/af47qgELBzZ_waV9V4ynsPl9Xpy8O3hdBAB27mMreMGSh3U92v3Ua77CMmGlx-3WSjBRKLl8g1wb8fNSfiYI60Tvex0Cj6OSCgsrY6YobV07ZW0ZUTvHYWwaOQ-vwPIYobeTKvJheMmueDzBH-2sQ_VBYja2wSH0QNkEj8AkAgHf5DJ6LStpMNNwvuvYmA/profile%3Aezone-teaser620x348%3Fsource
content-length: 17698
x-request-id: e4757832414ad71b8328e8baac90cbac
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Tue, 19 Apr 2022 14:33:52 GMT
server: nginx
x-timer: S1650992594.331013,VS0,VE0
etag: "cb6cb242cab4cf90cdf927d402de7d21"
x-served-by: cache-iad-kiad7000078-IAD, cache-iad-kjyo7100115-IAD, cache-chi-kigq8000149-CHI, cache-iad-kiad7000146-IAD, cache-hhn4033-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

POST
H2 204 visible Show response
trc.taboola.com/safaricomzerod300x250mena-r22137985/log/3/ Frame 1B50 0
275 B 17ms
17ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/safaricomzerod300x250mena-r22137985/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220426-17-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 26 Apr 2022 17:03:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650992594.333468,VS0,VE9
x-served-by: cache-hhn4033-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/safaricomzerod300x250mena-r22137985/log/3/ Frame 1B50 0
56 B 245ms
245ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/safaricomzerod300x250mena-r22137985/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220426-17-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://safaricom.zerod.live/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 26 Apr 2022 17:03:14 GMT
via: 1.1 varnish
server: nginx
x-timer: S1650992595.562024,VS0,VE9
x-served-by: cache-hhn4033-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://safaricom.zerod.live
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 1B50 254 B
1 KB 237ms
237ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: HTTP/1.1
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://safaricom.zerod.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via: 1.1 varnish
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
Age: 28400
X-Cache: HIT
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 254
x-amz-id-2: zDuIcdt6S3stmzYEfDXrVDdNiMz2/9b67ArEVSE+q2VR4x9Mp+wDNkBA2o6YRkq7ELRmLKpGRJk=
X-Served-By: cache-cdg20734-CDG
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer: S1650992594.366927,VS0,VE0
Date: Tue, 26 Apr 2022 17:03:14 GMT
x-amz-request-id: YPR93VMR3A8JGEX4
Cache-Control: private,max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
abp: 27
X-Cache-Hits: 8613

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CF00 42 B
64 B 58ms
42ms Fetch
image/gif 2a00:1450:4001:82b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_7QK9kATy0TfNAclXl2bjHVaSribw84eWiUSUFzMK8sqOPvdjM4Ea31RXzV8UyIWIJyz9iwsyOrInUq6DbRsbSiYnx7Soo7y3ke4BS1nCfYcrKQFt8w&sig=Cg0ArKJSzK5tZC6l5RN3EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1606060625&rs=5&la=0&cr=0&vs=4&r=v&rst=1650992592844&rpt=512&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Apr 2022 17:03:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safaricom.zerod.live/zerod-web	1969-12-31 23:59:59	Name: SESSION Value: MGQ0OWM5MTEtOGVhZS00ZmJmLTgyZjAtMDlhNmRhYzgwYThh
safaricom.zerod.live/zerod-web	1969-12-31 23:59:59	Name: TS011d313c Value: 01b02e3e8945609a7c1a333e096e40920c7848aa120ab3d9542433849ad406b42babd70496f1040325bec0f97295f7bca5873fc6d5
safaricom.zerod.live/	1970-01-20 06:55:44	Name: _ga Value: 61ab096f-aa2b-4a6c-9a28-2d69dae8e6d0
safaricom.zerod.live/	1969-12-31 23:59:59	Name: TS01a6d453 Value: 01b02e3e8945609a7c1a333e096e40920c7848aa120ab3d9542433849ad406b42babd70496f1040325bec0f97295f7bca5873fc6d5
.adnxs.com/	1970-01-20 04:46:08	Name: icu Value: ChgItJR6EAoYASABKAEw0MugkwY4AUABSAEQ0MugkwYYAA..
.adnxs.com/	1970-01-20 04:46:08	Name: uuid2 Value: 6531596778783607640
safaricom.zerod.live/	1970-01-20 11:22:08	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Ddc33ccee-c3ca-4ad5-a151-794d00de8089-tuct961ab51
.doubleclick.net/	1970-01-20 02:36:36	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 11:58:08	Name: IDE Value: AHWqTUnj7qVirQRY1ArVL1qUGY4xfv9aihwE9H67MPSEMv373MMHQIiTe0BScfHo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.projectagoraservices.com
adx.adform.net
am-trc-events.taboola.com
cdn.adnxs.com
cdn.jsdelivr.net
cdn.kdaimo.com
cdn.projectagora-adtag-library.com
cdn.taboola.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
googleads.g.doubleclick.net
header.safaricombeats.co.ke
ib.adnxs.com
images.taboola.com
onetag-sys.com
pagead2.googlesyndication.com
prg.smartadserver.com
safaricom.zerod.live
script.4dex.io
secure.adnxs.com
tpc.googlesyndication.com
trc.taboola.com
www.google.com
www.googletagservices.com
www.gstatic.com
141.226.228.48
151.101.129.108
151.101.129.44
18.66.248.4
196.201.213.123
2606:4700:20::681a:9a9
2606:4700::6810:5514
2a00:1450:4001:808::2003
2a00:1450:4001:812::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400e:801::2002
2a00:1450:4014:80e::2001
2a02:26f0:3500:11::215:14c8
2a02:26f0:3500:11::215:14d1
37.157.4.25
37.252.173.215
37.252.173.38
51.89.9.251
81.17.55.113
91.241.94.160
039d349ab4c714a342f97cd4084ee6c95a14a15e101d53e7ca36e891c1800edb
04f3ede922867682c83c1cd84c4d8edce5a7af278a57595fde7fa19af46a77df
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
06a60d17c84381dde59841aafc274017858939890c31f8ce04a200e844a45748
0b5b5d005ee60000a2b0e95717ee1d7d7faf25bb578772b648e8b45ced6d1ca5
1077b4e81880c532ec050485f90b6a4d6c7696feec3eb753a8832b13a0ed5577
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195cd7900d8945030a4a08838c8108f5f6b07d1490b3a194a4a2261cb8e01faa
1b8fc659321ea327b1cdf963a29b1c0d333f0a31bd1b87c55ace5d3d4c776d0a
1eb40459f7d28606de5383815b6eddead5830cd30726da7ac53c489d4fc2a6cd
1f4362568e9be366759f9ada329e928f398f49333040bc12fcf2de18483d1f52
2403d43074ffccd9eb55fc00e1f5f750448541e90447c6186e70588af9298d5a
2d94e7d84f6cceab3387efe1f9e97bb88ae9f705892baab21b4181c9a7804be8
391db2dcd6d1241e22710e40cdbabe8ad2dfe922534e30bce879c4d9066529f2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51567fa9aed529afecdac846ddf4897271cd94aeab45c4e992dbe20339814882
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
7966d708efd9cb7821ca56686773681876cd9fc4effd960eeef97797e5e27329
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7e6a2a41ceb893488e65f890b785daab9830ee269b8933debba8d0691115677e
7e8d9588abbf925ae71617673a387c759bca192ce7a38668bc88576dc256a9fc
824d720c6405a229043f7457b4d7ddcf5f8cbb84625c6fa23d60f1bf21578faf
83837b8c242b342b60e7f5fa9fb00fe8adf4b39bcf66f4a8470f12372e0fe8e1
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8d591022363d0eb71a769805939c4d2bdb37b67671703871e00fb41cc97e653d
912fba92be2e04c0069d92bf1450d896425ee4a2491c930a2632ddb761642e02
94e1ce5a00242c1352435871c46a8f36db344edf4d823234cdce4ccc5f40ca0c
9cab404a239f93927c6c6cc6c16679e07751758068231cc53b5aba5acb8210c4
a2b3b6afaf28b5e500208c806b0e5bbe6e11890cf00ce3d0b48d9aa2154ff684
aea9a8d20533707e95afc9cc9c41d83a272b6ec9ee5030d3b81e637f4f97f82a
b4afe8fb8c912a034e0d39380f91bacde77ca02c22527ad8e3933fb6e4835968
b50a75198d34e4ad82efa4840a3c3c0d319203db9c65295a9a763ebfd0e999dd
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
caf56b19948f4628c5a8ee7502bfc4c6b6f034422d440ea532ce7100ce7c1b97
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
d78a070d2001440115e55d8a881b9df8530b0de2b2dd116af1b02f30d40685bb
d8cd910002cc957350dfc2bab7d2aaf9a51597aac51aaa036929a147dba5c014
df43cf209813fae4d5c5825f999486ff9ae500e75c66e97a5e68c690fea69081
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ee49a195ed8cdf822d0b0f610e09f2653e202c6b441ecd4277675dbb6fc66e
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f0ea41c6ebc4bfb9f3dbe0129097640f019f2ef833ae46b715a95ae8ddb44409
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f871945d47ccc8d1218b233a1f58379d7722f365b9ce9bc7d0019496d03503aa

safaricom.zerod.live Open in urlscan Pro 91.241.94.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

64 %HTTPS

52 %IPv6

18 Domains

26 Subdomains

23 IPs

8 Countries

941 kBTransfer

2221 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safaricom.zerod.live Open in urlscan Pro
91.241.94.160 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

64 %
HTTPS

52 %
IPv6

18
Domains

26
Subdomains

23
IPs

8
Countries

941 kB
Transfer

2221 kB
Size

9
Cookies

72 HTTP transactions
1 data transactions