urlscan.io logo urlscan.io
SecurityTrails logo

www.gazetaexpress.com Open in urlscan Pro
104.26.15.74  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.gazetaexpress.com/
Submission: On February 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 11 countries across 56 domains to perform 436 HTTP transactions. The main IP is 104.26.15.74, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gazetaexpress.com.
This is the only time www.gazetaexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
101 104.26.15.74 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.79.176.48 8075 (MICROSOFT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 5 2.18.232.7 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a03:2880:f02... 32934 (FACEBOOK)
29 212.124.124.165 47328 (TRI-AS Tr...)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 172.217.18.162 15169 (GOOGLE)
1 143.204.94.78 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.26.1.156 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 91.228.74.176 27281 (QUANTCAST)
2 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a03:2880:f12... 32934 (FACEBOOK)
1 13.225.78.112 16509 (AMAZON-02)
1 1 52.94.234.174 16509 (AMAZON-02)
1 99.84.201.217 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 185.59.220.21 60068 (CDN77)
1 184.31.88.106 20940 (AKAMAI-ASN1)
1 2 2.16.186.51 20940 (AKAMAI-ASN1)
8 34.96.108.236 15169 (GOOGLE)
3 52.59.100.228 16509 (AMAZON-02)
1 216.58.210.6 15169 (GOOGLE)
1 52.28.51.75 16509 (AMAZON-02)
8 16 2606:4700:303... 13335 (CLOUDFLAR...)
18 35.156.112.30 16509 (AMAZON-02)
8 69.173.144.140 26667 (RUBICONPR...)
3 2a03:2880:f02... 32934 (FACEBOOK)
8 178.250.0.165 44788 (ASN-CRITE...)
5 185.86.138.32 201081 (SMARTADSE...)
3 105 151.101.114.2 54113 (FASTLY)
8 2a02:2638::3 44788 (ASN-CRITE...)
3 19 104.111.214.103 16625 (AKAMAI-AS)
6 6 18.196.229.216 16509 (AMAZON-02)
3 3 151.101.14.49 54113 (FASTLY)
3 151.101.114.49 54113 (FASTLY)
3 69.173.144.136 26667 (RUBICONPR...)
3 3 40.113.136.100 8075 (MICROSOFT...)
5 5 185.29.133.199 30419 (MEDIAMATH...)
3 3 74.214.194.139 59940 (PULSEPOIN...)
5 5 185.184.8.30 204995 (RTB-HOUSE...)
6 185.33.223.215 29990 (ASN-APPNEX)
11 11 172.217.18.98 15169 (GOOGLE)
5 8 52.208.195.87 16509 (AMAZON-02)
3 3 35.162.160.88 16509 (AMAZON-02)
3 192.132.33.46 18568 (BIDTELLECT)
8 141.226.224.32 200478 (TABOOLA-AS)
8 8 54.93.148.19 16509 (AMAZON-02)
1 1 37.18.16.16 205675 (HYBRID-AS)
1 2 18.202.164.200 16509 (AMAZON-02)
1 23.45.237.36 20940 (AKAMAI-ASN1)
1 1 52.57.76.228 16509 (AMAZON-02)
1 2 52.5.141.0 14618 (AMAZON-AES)
1 2 52.16.75.38 16509 (AMAZON-02)
2 2 35.190.72.21 15169 (GOOGLE)
2 2 147.75.102.200 54825 (PACKET)
1 195.181.175.46 60068 (CDN77)
1 1 91.228.74.179 27281 (QUANTCAST)
9 12 34.95.120.147 15169 (GOOGLE)
436 54
101    104.26.15.74 (United States)

ASN13335 (CLOUDFLARENET, US)
www.gazetaexpress.com
3    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
adservice.google.com
1    13.79.176.48 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
gjstatic.blob.core.windows.net
1    2606:4700:3034::6818:7eaa (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
5    2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
t.teads.tv
1    2606:4700:3030::681b:b5b8 (United States)

ASN13335 (CLOUDFLARENET, US)
twpasol.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
6    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
29    212.124.124.165 (Reston, United States)

ASN47328 (TRI-AS True Records Inc., ES)
aj1431.online
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
securepubads.g.doubleclick.net
1    143.204.94.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-78.fra50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
4    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.26.1.156 (United States)

ASN13335 (CLOUDFLARENET, US)
video.gjirafa.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    91.228.74.176 (United Kingdom)

ASN27281 (QUANTCAST, US)
edge.quantserve.com
2    2606:4700:3030::6818:6d7c (United States)

ASN13335 (CLOUDFLARENET, US)
projectagoralibs.com
7    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.225.78.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-112.fra2.r.cloudfront.net
certify.alexametrics.com
1    52.94.234.174 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
cloudfront-labs.amazonaws.com
1    99.84.201.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-201-217.lax3.r.cloudfront.net
a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net
3    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:2156:f200:17:5578:e080:21 (United States)

ASN16509 (AMAZON-02, US)
d2zv5rkii46miq.cloudfront.net
2    2600:9000:21f3:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    185.59.220.21 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: frankfurt-20.cdn77.com
cdn77.aj1431.online
1    184.31.88.106 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
2    2.16.186.51 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com
b.scorecardresearch.com
8    34.96.108.236 (United States)

ASN15169 (GOOGLE, US)
PTR: 236.108.96.34.bc.googleusercontent.com
ads.projectagoraservices.com
3    52.59.100.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-100-228.eu-central-1.compute.amazonaws.com
message909.gazetaexpress.com
1    216.58.210.6 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f6.1e100.net
ad.doubleclick.net
1    52.28.51.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-51-75.eu-central-1.compute.amazonaws.com
www.summerhamster.com
16    2606:4700:3037::6812:3d5e (United States)

ASN13335 (CLOUDFLARENET, US)
projectagora.net
18    35.156.112.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
sourcepoint.mgr.consensu.org
8    69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)
an.facebook.com
8    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
105    151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
8    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
19    104.111.214.103 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
6    18.196.229.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-229-216.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
3    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.taboola.com
3    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
match.zorosrv.com
3    69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    40.113.136.100 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.powerlinks.com
5    185.29.133.199 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    74.214.194.139 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
bh.contextweb.com
5    185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
ams.creativecdn.com
6    185.33.223.215 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
11    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
8    52.208.195.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-195-87.eu-west-1.compute.amazonaws.com
match.adsrvr.org
3    35.162.160.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-160-88.us-west-2.compute.amazonaws.com
www.storygize.net
3    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
8    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
8    54.93.148.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-148-19.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    37.18.16.16 (Moscow, Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
2    18.202.164.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-164-200.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    23.45.237.36 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.57.76.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-76-228.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    52.5.141.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-141-0.compute-1.amazonaws.com
i.liadm.com
2    52.16.75.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-75-38.eu-west-1.compute.amazonaws.com
ml314.com
2    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    147.75.102.200 (Central, Hong Kong)

ASN54825 (PACKET, US)
loadm.exelator.com
1    195.181.175.46 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-195-181-175-46.datapacket.com
load77.exelator.com
1    91.228.74.179 (United Kingdom)

ASN27281 (QUANTCAST, US)
pixel.quantserve.com
12    34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
Apex Domain
Subdomains		 Transfer
116 taboola.com
cdn.taboola.com
trc.taboola.com
match.taboola.com
cds.taboola.com
images.taboola.com
2 MB
104 gazetaexpress.com
www.gazetaexpress.com
message909.gazetaexpress.com
4 MB
30 aj1431.online
aj1431.online
cdn77.aj1431.online
170 KB
21 scorecardresearch.com
b.scorecardresearch.com
sb.scorecardresearch.com
14 KB
18 consensu.org
sourcepoint.mgr.consensu.org
7 KB
16 projectagora.net
projectagora.net
632 KB
16 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
cm.g.doubleclick.net
90 KB
12 openx.net
projectagora-d.openx.net Failed
u.openx.net
us-u.openx.net
3 KB
11 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
6 KB
10 facebook.com
www.facebook.com
an.facebook.com
2 KB
8 bidswitch.net
x.bidswitch.net
3 KB
8 adsrvr.org
match.adsrvr.org
3 KB
8 criteo.net
static.criteo.net
129 KB
8 criteo.com
bidder.criteo.com
1 KB
8 projectagoraservices.com
ads.projectagoraservices.com
80 KB
6 mfadsrvr.com
rtb.mfadsrvr.com
3 KB
6 adnxs.com
ib.adnxs.com Failed
4 KB
6 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
14 KB
6 facebook.net
connect.facebook.net
318 KB
6 teads.tv
a.teads.tv
sync.teads.tv
t.teads.tv
191 KB
5 creativecdn.com
creativecdn.com
ams.creativecdn.com
2 KB
5 mathtag.com
sync.mathtag.com
4 KB
5 smartadserver.com
prg.smartadserver.com
7 KB
4 gstatic.com
fonts.gstatic.com
63 KB
3 exelator.com
loadm.exelator.com
load77.exelator.com
2 KB
3 bttrack.com
bttrack.com
1 KB
3 storygize.net
www.storygize.net
1 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 powerlinks.com
px.powerlinks.com
1 KB
3 zorosrv.com
match.zorosrv.com
635 B
3 quantserve.com
edge.quantserve.com
pixel.quantserve.com
7 KB
3 cloudfront.net
d31qbv1cthcecs.cloudfront.net
a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net
d2zv5rkii46miq.cloudfront.net
4 KB
3 google-analytics.com
www.google-analytics.com
18 KB
2 rlcdn.com
idsync.rlcdn.com
848 B
2 ml314.com
ml314.com
884 B
2 liadm.com
i.liadm.com
862 B
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 quantcount.com
rules.quantcount.com
776 B
2 projectagoralibs.com
projectagoralibs.com
171 KB
2 google.com
adservice.google.com
www.google.com
358 B
2 google.de
adservice.google.de
www.google.de
280 B
1 agkn.com
aa.agkn.com
334 B
1 bluekai.com
tags.bluekai.com
329 B
1 hybrid.ai
dm.hybrid.ai
407 B
1 summerhamster.com
www.summerhamster.com
266 B
1 amazonaws.com
cloudfront-labs.amazonaws.com
218 B
1 alexametrics.com
certify.alexametrics.com
551 B
1 gjirafa.com
video.gjirafa.com
1 onesignal.com
cdn.onesignal.com
3 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 twpasol.com
twpasol.com
2 KB
1 adxbid.info
adxbid.info
46 KB
1 windows.net
gjstatic.blob.core.windows.net
8 KB
1 googletagservices.com
www.googletagservices.com
14 KB
0 pubmatic.com Failed
hbopenbid.pubmatic.com Failed
0 adform.net Failed
adx.adform.net Failed
436 56
Domain Requested by
101 www.gazetaexpress.com www.gazetaexpress.com
47 trc.taboola.com 3 redirects cdn.taboola.com
www.gazetaexpress.com
30 cdn.taboola.com www.gazetaexpress.com
cdn.taboola.com
29 aj1431.online www.gazetaexpress.com
aj1431.online
28 images.taboola.com www.gazetaexpress.com
cdn.taboola.com
19 sb.scorecardresearch.com 3 redirects cdn.taboola.com
www.gazetaexpress.com
18 sourcepoint.mgr.consensu.org projectagoralibs.com
16 projectagora.net 8 redirects www.gazetaexpress.com
11 cm.g.doubleclick.net 11 redirects
9 u.openx.net 9 redirects
8 x.bidswitch.net 8 redirects
8 cds.taboola.com www.gazetaexpress.com
8 match.adsrvr.org 5 redirects
8 static.criteo.net projectagora.net
8 bidder.criteo.com projectagora.net
8 fastlane.rubiconproject.com projectagora.net
8 ads.projectagoraservices.com aj1431.online
7 www.facebook.com www.gazetaexpress.com
connect.facebook.net
6 rtb.mfadsrvr.com 6 redirects
6 ib.adnxs.com projectagora.net
www.gazetaexpress.com
cdn.taboola.com
6 connect.facebook.net www.gazetaexpress.com
connect.facebook.net
5 sync.mathtag.com 5 redirects
5 prg.smartadserver.com projectagora.net
4 fonts.gstatic.com www.gazetaexpress.com
3 us-u.openx.net
3 bttrack.com www.gazetaexpress.com
cdn.taboola.com
3 www.storygize.net 3 redirects
3 creativecdn.com 3 redirects
3 bh.contextweb.com 3 redirects
3 px.powerlinks.com 3 redirects
3 pixel.rubiconproject.com www.gazetaexpress.com
cdn.taboola.com
3 match.zorosrv.com www.gazetaexpress.com
3 match.taboola.com 3 redirects
3 an.facebook.com projectagora.net
3 message909.gazetaexpress.com projectagoralibs.com
3 pagead2.googlesyndication.com www.gazetaexpress.com
securepubads.g.doubleclick.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 www.google-analytics.com 1 redirects www.gazetaexpress.com
3 a.teads.tv 1 redirects www.gazetaexpress.com
a.teads.tv
2 loadm.exelator.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 ml314.com 1 redirects www.gazetaexpress.com
2 i.liadm.com 1 redirects www.gazetaexpress.com
2 sync.crwdcntrl.net 1 redirects www.gazetaexpress.com
2 ams.creativecdn.com 2 redirects
2 t.teads.tv www.gazetaexpress.com
2 b.scorecardresearch.com 1 redirects www.gazetaexpress.com
2 rules.quantcount.com 1 redirects www.gazetaexpress.com
2 projectagoralibs.com twpasol.com
projectagoralibs.com
2 edge.quantserve.com 1 redirects www.gazetaexpress.com
1 pixel.quantserve.com 1 redirects
1 load77.exelator.com www.gazetaexpress.com
1 aa.agkn.com 1 redirects
1 tags.bluekai.com www.gazetaexpress.com
1 dm.hybrid.ai 1 redirects
1 www.summerhamster.com www.gazetaexpress.com
1 ad.doubleclick.net www.gazetaexpress.com
1 sync.teads.tv a.teads.tv
1 cdn77.aj1431.online www.gazetaexpress.com
1 d2zv5rkii46miq.cloudfront.net projectagoralibs.com
1 a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net www.gazetaexpress.com
1 cloudfront-labs.amazonaws.com 1 redirects
1 certify.alexametrics.com www.gazetaexpress.com
1 www.google.de www.gazetaexpress.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 video.gjirafa.com www.gazetaexpress.com
1 d31qbv1cthcecs.cloudfront.net www.gazetaexpress.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 cdn.onesignal.com www.gazetaexpress.com
1 fonts.googleapis.com www.gazetaexpress.com
1 twpasol.com www.gazetaexpress.com
1 adxbid.info www.gazetaexpress.com
1 gjstatic.blob.core.windows.net www.gazetaexpress.com
1 www.googletagservices.com www.gazetaexpress.com
0 projectagora-d.openx.net Failed projectagora.net
0 hbopenbid.pubmatic.com Failed projectagora.net
0 adx.adform.net Failed projectagora.net
436 80

This site contains links to these domains. Also see Links.

Domain
www.shkabaj.net
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 4		 2020-01-28 -
2022-01-28		 2 years crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-25 -
2020-10-09		 a year crt.sh
teads.tv
Let's Encrypt Authority X3		 2020-01-08 -
2020-04-07		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-10-11 -
2020-04-18		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
certify.alexametrics.com
Amazon		 2019-07-26 -
2020-08-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
sourcepoint.mgr.consensu.org
DigiCert SHA2 Secure Server CA		 2019-04-22 -
2020-04-29		 a year crt.sh
agora.asist.gr
Let's Encrypt Authority X3		 2019-12-20 -
2020-03-19		 3 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2019-12-05 -
2021-04-08		 a year crt.sh
*.smartadserver.com
DigiCert Global CA G2		 2020-02-03 -
2022-02-03		 2 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-02-14 -
2020-07-25		 5 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
g2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-11-21 -
2020-11-12		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2019-03-19 -
2021-04-13		 2 years crt.sh
*.taboola.com
DigiCert ECC Secure Server CA		 2019-09-03 -
2020-09-10		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA		 2018-12-10 -
2020-03-10		 a year crt.sh
*.liadm.com
Amazon		 2019-12-28 -
2021-01-28		 a year crt.sh
*.ml314.com
Amazon		 2020-02-17 -
2021-03-17		 a year crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3		 2020-01-21 -
2020-04-20		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh

This page contains 33 frames:

Primary Page: http://www.gazetaexpress.com/
Frame ID: F322656144D86644932A60F850E08D7C
Requests: 191 HTTP requests in this frame

Frame: https://video.gjirafa.com/embed/t7-live
Frame ID: DEDA21ADB683396B59CFE85C8F833003
Requests: 1 HTTP requests in this frame

Frame: http://aj1431.online/z-u8bM-IhLuHm6jtsH60MQwV2MKTzl9Nf64lBvGnTL0QfzACW_zhmwrr6-XLC8YKmfbviPw0mmAfcXNEZ9QVr-HDmRIRSzKSCE9-_pBJ_daHlJv1qeChEqWHfD5JTWoGGySa0PGVrmg4XBCWrRTSZL2sQHotuRp3nnL8-hDkJ4TBMoRzkR5WvB87aH59LnP9Hxsx9So1TEafsIOiWmpdJwJNpe-3T4MC-cwi8XeCLi2AHsM5kzM5gHy9JXhvgx3aSpDeeEjd2N5racFMBTmNo4onOKtr8vN8S_zzNLZQXU3YEU3_RhpoTrZnaS987Zf2HK73-ATis2qcUd96Xof9vNNsRxnNPQA76Khe37isY?DC=DO
Frame ID: C64A4163302F4C18ABADC64933E7B638
Requests: 2 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: 4AF33B957FE398EB2FB59D7A5EC1739F
Requests: 1 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=6750
Frame ID: E618F1A927A87E9548E13E30369CC048
Requests: 9 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=4361
Frame ID: 236C1CA7810414A7E8BF77E6B1CE4C2F
Requests: 13 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=6751
Frame ID: ECA7A2265827776C66AE931DB606BDDF
Requests: 9 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=4361
Frame ID: 062539236065CB5B7A8C2945E9821C34
Requests: 13 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=5043
Frame ID: 22BA82D1F14E990E5072CCE7D0B19BAD
Requests: 11 HTTP requests in this frame

Frame: http://aj1431.online/zQA_OAifniDOT6x8GkV3QyGT2Ro0KfQOTi5cHmEFqtOKrTlTXICOwhCUEl-8Q7bmwWWm75PmAemZI1S9zRhVLB_Wi7AmZxrh7aTTYBGm7KFUnGEcrMqApBjJRE2bWmcXAbWMbedfoNO-GfojraL9k2iuwj4nHqAktkeHklJOZvhf-1DT5oU6PX6PiRRVWe7IQbu6RrVggjpFz2X3dLKwZ8LY-nS9pl4IJioIDmVZeui2d_loAu8ScN6od3S11f741aWKqbOMAwFd7z1xZVxSTt6RvKJfSY0Tx74N-_ZpsR0HS-S5A0R9TVvmzou-yIiPGic4XJ-j0I5xs6g0x5g?DC=DO
Frame ID: 5C7658A1DED922E622544FDBDD1BE1E3
Requests: 1 HTTP requests in this frame

Frame: http://aj1431.online/zS5AJMggdn9W83dVTkLUFtCY1qqz6UvSidwBXdBYB8aYBUxsGul-PhZSLYwC2MwzsYTpJ8wgMwLi8vhNdMcc7v2wwnDKcewSGFh2E21oeldXK8S34A6-_iKiOtSuohdRb-8gVFjvqlnb-sznsz7RkvfNSxk8qEKyLybOk3VVfjfnsip94k2t0nkUnRPPOypKYITDMXMiHWmGqZK_DOAWOiusVLlw-pUcE-wrxsCxg8ae4aj1mXbiXW1aeGgHP6277mpHwvRWyhnICg_yEWsG94HeYFwzv6Fnlb9r_D3FiOwQXzzMoTpaWDEndeLeo0zmSNJGYaIo1I_OTdbeJnA?DC=DO
Frame ID: BD2AC3BAF3B2B573374C8B6C12C0E980
Requests: 1 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=5043
Frame ID: 39D72F44A96320AB7C5F5CB7B83FCBDE
Requests: 11 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=4360
Frame ID: BC46F8C27E423188EBCCDA7ED7237887
Requests: 13 HTTP requests in this frame

Frame: http://aj1431.online/zpKz0o3HvGbam8I-CWV-9BtKtzeFu0arMJsYds2vt_E02t60MJggP_pbnSXYwT6vhzUB4Ryby3k2d_f4KMcMHHOg-OJidNTEcAAtsSCpIYOUwqoS1cWr6z67ZKVruRW3cVCkKoLybo1b2qp0HKqI9H4nj-IkA117T4KLq319N0aP8tnQl9YiqrKOj68TfdNvM0nirN4recYEQmo567DDVUh1BW9rHhP67hvIaDSoCBB1pBG2e2HC-JkhRIe45aLB7-yQrcHGB97gxYHvhkgR1ydukkFTkKGrJqI8rI2ugYVyamu2T8N4iIuI3i70fdJmjK6BLngo5WFYEaaNq?DC=DO
Frame ID: 4E0D352F38C534B305E6262A57A11680
Requests: 1 HTTP requests in this frame

Frame: http://aj1431.online/zgJkWr5tpyKfxal2gB3RrwAcsr2WgsrWVMAWy-IzvqzBwg1lri1X_RudPOGvFCnXyulaoG8BHZxKuCoZFHBa1sjwVp5qgkDUBP5RcgPfurfYV9jjO2egsxFooVhmwqnrnf3RAc3b00d6lyIwz-51-YyIsyHNfj5nk5KMuZR00WLfFqczVLqfKYdK19VIb4NamG9aGWcXekkW9zLxcbeqIxNDAZxH6m_v2WB_7Sx16MaWjm0awjzTry29f1QcLxZ4a-Wa2AKxbE7_ysJxPbnNyhxiyMvKEdNxfLgUjgV8rU9WOLwpChs3QMj0vSEgxyoDyg5x2wquDUsF_GzV1iQ?DC=DO
Frame ID: 1288FC8ADE70360187FF988EA1C61823
Requests: 1 HTTP requests in this frame

Frame: http://ads.projectagoraservices.com/?id=5043
Frame ID: 95B1F446AA8F0B6B073C134E5D45AF1C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: D8AA9C8BDF3401C104F72E873A7DDB67
Requests: 1 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Frame ID: B21999BC340DF6D19CD17EBF355DE1B5
Requests: 7 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Frame ID: 536D84C11B6D23EE6B6FFC3F080A412B
Requests: 14 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Frame ID: 00A5D2B4D4D9A01D46FFBA4615F40828
Requests: 13 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Frame ID: A9C360DF30214296DA1926CF5090B193
Requests: 12 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Frame ID: 88E9666F4AD984CB2BE37A23ADC96B5C
Requests: 7 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Frame ID: C17071549CE57EDCF6463D52A4DCFDDA
Requests: 14 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Frame ID: 019213E52C04FD14505EA42C3A419562
Requests: 14 HTTP requests in this frame

Frame: http://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Frame ID: 6A59866A03E0EF2C73DA69EECFA4F0B7
Requests: 12 HTTP requests in this frame

Frame: https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
Frame ID: 429C4E4B069989E72C02C44DF513ED1C
Requests: 14 HTTP requests in this frame

Frame: https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
Frame ID: AF7C9B422EECD506825E3360A2ED9B35
Requests: 14 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=Q8SO23-cVAWtmqQX43j0qIfCQscM0N5Di1UZogXOG4o%3D
Frame ID: 0529EDE799694148AAD56B9CC46C5576
Requests: 20 HTTP requests in this frame

Frame: https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=2292064
Frame ID: 422F5757683F3BA36CDD03DF168941B7
Requests: 1 HTTP requests in this frame

Frame: https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=9704095
Frame ID: 6E3E921319AA130C34286F2207B6594C
Requests: 1 HTTP requests in this frame

Frame: https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=4099036
Frame ID: E2E91881FF3ADED1BFE4705681DDB063
Requests: 1 HTTP requests in this frame

Frame: https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=5933260
Frame ID: 4C015BC25ABF7D85F70EC60224C63141
Requests: 1 HTTP requests in this frame

Frame: https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=2274823
Frame ID: BD84B3AB1D9A2242D4E1C6E3A19EA8AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

436
Requests

76 %
HTTPS

29 %
IPv6

56
Domains

80
Subdomains

54
IPs

11
Countries

8822 kB
Transfer

16403 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://a.teads.tv/page/76285/tag HTTP 301
  • https://a.teads.tv/page/76285/tag
Request Chain 66
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 119
  • http://www.google-analytics.com/r/collect?v=1&_v=j81&a=149355693&t=pageview&_s=1&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=IGBACEABB~&jid=1051365991&gjid=1408789195&cid=1440873597.1581905855&tid=UA-6427330-1&_gid=195046397.1581905855&_r=1&z=1464888103 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=149355693&t=pageview&_s=1&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=IGBACEABB~&jid=1051365991&gjid=1408789195&cid=1440873597.1581905855&tid=UA-6427330-1&_gid=195046397.1581905855&_r=1&z=1464888103 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_gid=195046397.1581905855&gjid=1408789195&_v=j81&z=1464888103 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_v=j81&z=1464888103 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_v=j81&z=1464888103&slf_rd=1&random=802655211
Request Chain 120
  • http://www.google-analytics.com/collect?v=1&_v=j81&a=149355693&t=event&_s=2&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABB~&jid=&gjid=&cid=1440873597.1581905855&tid=UA-6427330-1&_gid=195046397.1581905855&z=1233803000 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j81&a=149355693&t=event&_s=2&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABB~&jid=&gjid=&cid=1440873597.1581905855&tid=UA-6427330-1&_gid=195046397.1581905855&z=1233803000
Request Chain 122
  • http://edge.quantserve.com/quant.js HTTP 301
  • https://edge.quantserve.com/quant.js?https_upg=1
Request Chain 123
  • http://connect.facebook.net/en_US/fbds.js HTTP 307
  • https://connect.facebook.net/en_US/fbds.js
Request Chain 129
  • http://cloudfront-labs.amazonaws.com/x.png HTTP 302
  • http://a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net/test.png
Request Chain 138
  • http://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js HTTP 301
  • https://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js
Request Chain 160
  • http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1581905855220&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=69376183&cs_ucfr=1 HTTP 302
  • http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1581905855220&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=69376183&cs_ucfr=1
Request Chain 188
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 189
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 190
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 191
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 192
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 193
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 194
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 195
  • http://projectagora.net/libs/prebid.js HTTP 301
  • https://projectagora.net/libs/prebid.js
Request Chain 310
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&tbid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19&isDirect=0 HTTP 302
  • https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
Request Chain 312
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
Request Chain 313
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=45725e49-f7c2-4400-8027-3bc4ab2233f2 HTTP 302
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
Request Chain 314
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=EjC9ev6N3rrE&ev=1&pid=562107
Request Chain 315
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola&tc=1
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
Request Chain 319
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
Request Chain 320
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=0a11fb44-27db-417f-aaee-b18ce9953d8e-tuct5437d42 HTTP 302
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
  • https://dm.hybrid.ai/bidswitch-match?ssp=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=258&user_id=07b1f6de11113166384d&expires=30&ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
Request Chain 324
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858314&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858314&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Request Chain 325
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&tbid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19&isDirect=0 HTTP 302
  • https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
Request Chain 327
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
Request Chain 328
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
Request Chain 329
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=8A3luaPqz4W1&ev=1&pid=562107
Request Chain 330
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=6c544848-a668-41dd-ba0d-f5b0384a3303 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=6c544848-a668-41dd-ba0d-f5b0384a3303 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a457213e-c899-41b7-84d9-8b98c5df44c5&ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
Request Chain 338
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42 HTTP 302
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 342
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858345&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858345&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Request Chain 343
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858516&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858516&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Request Chain 355
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D HTTP 302
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=Q8SO23-cVAWtmqQX43j0qIfCQscM0N5Di1UZogXOG4o%3D
Request Chain 360
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
Request Chain 361
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a457213e-c899-41b7-84d9-8b98c5df44c5 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a457213e-c899-41b7-84d9-8b98c5df44c5&tbid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&query=taboola_hm%3Da457213e-c899-41b7-84d9-8b98c5df44c5&isDirect=0 HTTP 302
  • https://match.zorosrv.com/match?tabid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&extuid=a457213e-c899-41b7-84d9-8b98c5df44c5&excid=218&query=taboola_hm%3Da457213e-c899-41b7-84d9-8b98c5df44c5
Request Chain 363
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID] HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=dc285e49-f7c3-4b00-b5c8-400566b03386 HTTP 302
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=dc285e49-f7c3-4b00-b5c8-400566b03386
Request Chain 364
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%% HTTP 302
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=UI7nM063s0ht&ev=1&pid=562107
Request Chain 365
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=bCdEAGsshKXOMyRjMuho&pi=taboola&tc=1
Request Chain 367
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43 HTTP 302
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990903334000036331
Request Chain 368
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43 HTTP 303
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_li_chk=true&previous_uuid=628adac7d97f46238461c2d333b3c887
Request Chain 369
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3608239461380390924 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwODIzOTQ2MTM4MDM5MDkyNBAAGg0IxO-n8gUSBQjoBxAAQgBKAA HTTP 307
  • https://ml314.com/csync.ashx?fp=d97f27aa81e5432621f0148a97a9b4a3b2277312d3f97517d7e2a9b5daec60e9f4cb09cee1a4f8eb&person_id=3608239461380390924&eid=50082
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg6bercmTzffGCOealDw2s&google_cver=1
Request Chain 371
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d27b104d-ceff-4eb5-84b4-bf848e1de5eb
Request Chain 372
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43 HTTP 302
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 373
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 375
  • https://x.bidswitch.net/sync?ssp=taboola HTTP 302
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=taboola&gdpr=1&user_id=KackS3r1c0YxpCNKeKQ9ES_3KUcx8yIRK6PJjRci HTTP 302
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
Request Chain 415
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHSaMfRrYctd59LbVAp4El4&google_cver=1
Request Chain 416
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJj_tzupE5VGYMebHfEX1fQ&google_cver=1
Request Chain 417
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://u.openx.net/w/1.0/pd?cc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs54TpyZnlm9lzm4Epw0n8&google_cver=1
Request Chain 418
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
Request Chain 419
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
Request Chain 420
  • https://u.openx.net/w/1.0/pd HTTP 302
  • https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1

436 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.gazetaexpress.com/ 		65 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2109570086eab4792fa1f574e94554cdf8b23a4847953afba5f71fbeb812df38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
www.gazetaexpress.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:34 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de361e49e0c6144a5b6032c291c3551261581905854; expires=Wed, 18-Mar-20 02:17:34 GMT; path=/; domain=.gazetaexpress.com; HttpOnly; SameSite=Lax
Vary
Accept-Encoding
Link
<https://www.gazetaexpress.com/wp-json/>; rel="https://api.w.org/"
Strict-Transport-Security
max-age=63072000; includeSubdomains
X-Frame-Options
DENY
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
566444056e5d355e-LHR
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"430 / 359 of 1000 / last-modified: 1581701607"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14535
x-xss-protection
0
expires
Mon, 17 Feb 2020 02:17:34 GMT
gjdmp.js
gjstatic.blob.core.windows.net/fix/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gjstatic.blob.core.windows.net/fix/gjdmp.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.79.176.48 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
60a6793e2a5b79a24da26057cc8088555eeb0d8767b7ab9649111902320ed516

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 17 Feb 2020 02:17:34 GMT
Last-Modified
Wed, 02 Oct 2019 09:38:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
Yyk843K7TGWG7aNdGwsiqw==
ETag
0x8D7471C3ADAE253
Content-Type
application/javascript
x-ms-request-id
35a3f2d2-401e-001c-2b38-e5c5c5000000
x-ms-version
2009-09-19
Content-Length
7462
gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
adxbid.info/ 		147 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/gf_AL-BA-BI-BY-CD-CF-CU-IQ-IR-KP-LB-LY-ME-MK-RS-RU-SD-SO-SS-SY-UA-VE-YE-ZW_gazetaexpress.com_all.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6818:7eaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7f6f755f5421b32de82492c7b00918c6726f108a451a79ec1c94c21f8a372a8

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 22 Jan 2020 10:36:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
cf-ray
56644405fd5adfcf-FRA
tag
a.teads.tv/page/76285/
Redirect Chain
  • http://a.teads.tv/page/76285/tag
  • https://a.teads.tv/page/76285/tag
785 B
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/76285/tag
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
faef3c08902b0fe2604d8b24abe0a0ade380d1dd174a2d84ab3476e87cf47463

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
483
expires
Mon, 17 Feb 2020 03:17:34 GMT

Redirect headers

Location
https://a.teads.tv/page/76285/tag
Date
Mon, 17 Feb 2020 02:17:34 GMT
Cache-Control
private, must-revalidate, max-age=3600
Connection
keep-alive
Content-Length
0
Expires
Mon, 17 Feb 2020 03:17:34 GMT
gazetaexpress.com.js
twpasol.com/c/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://twpasol.com/c/gazetaexpress.com.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
2606:4700:3030::681b:b5b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85db0d8fd5bd2dfd7094217b9903bf6a7778883792e8cfabd5fa843fa8493b2d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1820
Content-Type
application/javascript
Connection
keep-alive
Content-Length
1536
x-amz-id-2
irXusP5YVf6B1VgoaDE/W/G9ztY2HcYhJ79QkfpU+VL7EBGDCM8f5PsdgIkAq0q1ZDM0hrMdZRc=
Last-Modified
Wed, 15 Jan 2020 12:26:51 GMT
Server
cloudflare
ETag
"b902aeb54b318200969a6e60b11c8a92"
Vary
Accept-Encoding
x-amz-request-id
DF1C78C3873B3C6F
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
5664440718649754-FRA
style.min.css
www.gazetaexpress.com/wp-includes/css/dist/block-library/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
566444060dc4e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
blocks.style.build.css
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.3.2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-polished
origSize=27723
x-cache-status
HIT
status
200
last-modified
Wed, 04 Sep 2019 23:49:11 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
566444060dc5e5fc-LHR
expires
Sun, 16 Feb 2020 02:47:21 GMT
css
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09f7ec321b3b57c5ea57733824614d5b2bf433d47bec7120e898a3d85918c3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 02:17:34 GMT
server
ESF
date
Mon, 17 Feb 2020 02:17:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Feb 2020 02:17:34 GMT
bootstrap.min.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/css/ 		138 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/css/bootstrap.min.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02757d53179a86b474d0a406b1eaaf1ff53cc755be7d5ba9586adafa8ec3a621

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:41 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
566444060dc6e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
jquery.fancybox.min.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/jquery.fancybox.min.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:29 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
566444060dc9e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
jquery.bxslider.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/ 		3 KB
879 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/jquery.bxslider.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce314178842e6606a8ff7626000deca961d99324be36eceba70a8df5f8f21c40

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
231277
cf-polished
origSize=4112
status
200
last-modified
Thu, 07 Feb 2019 17:34:33 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
566444061dcbe5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
font-awesome.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/font-awesome.css?ver=1.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
231277
cf-polished
origSize=37414
status
200
last-modified
Sat, 09 Mar 2019 21:35:54 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
566444060dc7e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
style.css
www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.12
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f28fadf5d37fc4622fec65b17a2e4c2a601513e98a69448c2fdbcb309955f2aa

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
231277
cf-polished
origSize=23191
status
200
last-modified
Fri, 20 Dec 2019 10:48:29 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
566444061dcce5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
wp-featherlight.min.css
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/css/wp-featherlight.min.css?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
style

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
cf-ray
566444060dc8e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
jquery.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
231277
cf-polished
origSize=96873
status
200
last-modified
Wed, 04 Sep 2019 23:48:22 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
566444062df3e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
jquery-migrate.min.js
www.gazetaexpress.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 May 2016 05:11:28 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
566444062df4e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
jquery-1.12.4.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/jquery-1.12.4.min.js?ver=1.0.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:35 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
566444062df2e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
jquery.easing.1.3.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		4 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/jquery.easing.1.3.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
231277
cf-polished
origSize=8097
status
200
last-modified
Thu, 07 Feb 2019 15:01:35 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
566444062defe5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1803
etag
W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
56644406fd29650f-FRA
expires
Mon, 17 Feb 2020 14:17:34 GMT
sdk.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ad82719277b64e16edc496382e11a018f8b8b0b0e4641d5a9717c9b60c77ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Zy/A+OkguRWyBsiPqZZJkw==
status
200
date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
expires
Mon, 17 Feb 2020 02:19:53 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1779
x-fb-debug
jB1kzenpfBmjBXnneD7l9aimz/pXIxIMJOceV3kkM0o9QOwQKfckezVyDxqBu2A3CN1FV5yM44uw07OD9GKyMQ==
x-fb-trip-id
1850256238
x-fb-content-md5
ea10d449cb2cf78709c3d50c1ed3c7e7
etag
"149b7f9e0265109430a9b17aebdd4d01"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
041528fb.js
aj1431.online/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/041528fb.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
dfe8f6126edce1f16e2a149e2c7b5aa912fb44baa10d8dde20d323c38471f7ab

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
etag
"0ec0a59105178e3f0fb2b4b9ab78dd0e0"
transfer-encoding
chunked
content-type
application/javascript
ks-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/ks-flag.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1194c1d29ca7cd11f79be59b08fdca876dbed47faf13c6932ec89e338c9c607a

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Oct 2014 06:23:32 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff3ce5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
al-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/al-flag.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5057f8b1ced4dc7f9cd6dcad22abdf06e0dd16de9a9d6ad47e6f1bb2e0cf9a7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2017 23:56:12 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff3fe5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
mk-flag.png
www.gazetaexpress.com/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/mk-flag.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80ed123fc6e616e3595c2172616add173dfb5085f72f4811f10bb45c35c1c1e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2017 23:56:06 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff41e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
en-flag.png
www.gazetaexpress.com/public/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/en-flag.png?12
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe33dcc2df517cdd648947e2d644014e8dc13b42813314b7022c430420f24aa

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2017 12:24:41 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff42e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
logo.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d860bcd49cc302f2ac6948ce99b714152920b39d660a72c82b75aff600967d03

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:22 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff45e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
logo4.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo4.png?v=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:29:05 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff46e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
Screenshot_6-27-600x360.png
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Screenshot_6-27-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6876ed52502d4f4e5bc2cb1f6438ccc1a503003e6f10aa98c464f694ef2c46

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 22:19:58 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff48e5fc-LHR
expires
Sun, 16 Feb 2020 22:20:23 GMT
85239589_802797423553477_4578798581963554816_o-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/85239589_802797423553477_4578798581963554816_o-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf2a6893ba8e69edab45b903e1a432c5bda8ba5e79e7d333919d74398d3582d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:20:44 GMT
server
cloudflare
age
14135
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff4ae5fc-LHR
expires
Wed, 26 Feb 2020 22:21:59 GMT
fatmir-sejdiu-590x360.png
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		284 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/fatmir-sejdiu-590x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a457677ee1bc67d246a143dbe7ccd8471eef2530fc45dd39186f892ac88c1da9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 21:20:23 GMT
server
cloudflare
x-cache-status
MISS
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff4ce5fc-LHR
expires
Sun, 16 Feb 2020 21:21:06 GMT
8285948145e4991e12d8f4595331334_v4_big-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/8285948145e4991e12d8f4595331334_v4_big-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a8a3c0187c323400fae97f281297a650b9911768f12f6f844ad6deb0e6a625

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 21:06:09 GMT
server
cloudflare
age
18623
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff4de5fc-LHR
expires
Wed, 26 Feb 2020 21:07:11 GMT
ujqit-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/ujqit-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e1dd854b29438df779b28e403f82f57c0cfbcd675ac2d1b37a9ecc6dc65b41c

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 20:38:31 GMT
server
cloudflare
age
20295
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff4fe5fc-LHR
expires
Wed, 26 Feb 2020 20:39:19 GMT
Amirii-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Amirii-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4167f25b3f53d588dc3a6da96e55d3e066accd79a1c0d1857b7e3f6446670d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:18:43 GMT
server
cloudflare
age
14274
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff51e5fc-LHR
expires
Wed, 26 Feb 2020 22:19:40 GMT
Screenshot_10-6-600x360.png
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Screenshot_10-6-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8246d9e1bd096d5c9b345b39e8d7d9d466f3dcdfc31c02942968a4f5bf6a6a

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 22:47:51 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff52e5fc-LHR
expires
Sun, 16 Feb 2020 22:48:58 GMT
era-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/era-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9298d7ff919963f07457100ce24d3a2d5e4c015f162c5798a7c9480e07e41024

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:53:49 GMT
server
cloudflare
age
12209
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff54e5fc-LHR
expires
Wed, 26 Feb 2020 22:54:05 GMT
auto_Kuvendi-i-Kosoves-1-11577303108-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/auto_Kuvendi-i-Kosoves-1-11577303108-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85e35c7e6a7f4e3d042d3bda22c6028568b27874353a9209d061c71590b9513

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 13 Feb 2020 06:17:57 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ff55e5fc-LHR
expires
Sun, 16 Feb 2020 21:47:45 GMT
vucic-seselj-lead-1280x640-1200x630-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/vucic-seselj-lead-1280x640-1200x630-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d862834c0bf8f0f687ff0055df54159fee754d7baa11faca1f537d75ea2bd859

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 20:17:18 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f7ae5fc-LHR
expires
Sun, 16 Feb 2020 20:17:44 GMT
11193309_1090116767672180_7234113208415409495_n-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/11193309_1090116767672180_7234113208415409495_n-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57c327bd7257e02d4308a019fe7d69901537036567e15320c767f1c7eb64b8ed

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 19:43:29 GMT
server
cloudflare
age
23602
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f7ce5fc-LHR
expires
Wed, 26 Feb 2020 19:44:12 GMT
rita--600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/rita--600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6dfc57f8b00f3f3f894e1481e1af6c6eaa7c8f5b25ed5b620572038ae924744

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 21:46:30 GMT
server
cloudflare
age
16126
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f7fe5fc-LHR
expires
Wed, 26 Feb 2020 21:48:48 GMT
jlo--600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/jlo--600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aec1687cbf79abf1b4cd381880ccaa3fb5f026c058f15d35576c67a63cc1583

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:10:03 GMT
server
cloudflare
age
14694
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f80e5fc-LHR
expires
Wed, 26 Feb 2020 22:12:40 GMT
dafina--600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/dafina--600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1902e85de08c6db6c7f8d1963c9812c07a238151d58be56000930a74bc7166fe

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:35:48 GMT
server
cloudflare
age
13127
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f81e5fc-LHR
expires
Wed, 26 Feb 2020 22:38:47 GMT
t7.png
www.gazetaexpress.com/public/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gazetaexpress.com/public/t7.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d8123861eb05f843af822d875f255d2578965d0974366b191ed99c2b09a24a

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 02:17:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Thu, 14 Mar 2019 14:02:37 GMT
Server
cloudflare
Age
229643
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
56644406fe99355e-LHR
Expires
Mon, 24 Feb 2020 10:30:11 GMT
auto_Istog_demte_nga_ererat1581579303-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/auto_Istog_demte_nga_ererat1581579303-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a7d6c1dd2e4c49c4e2548122f090c25597695cf9b709be6a6a80599a2f2f932

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:49:20 GMT
server
cloudflare
age
12455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f84e5fc-LHR
expires
Wed, 26 Feb 2020 22:49:59 GMT
greva-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/greva-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9875803b8b2435e210cbdc7b0ee7a9d12c7b6ab319b76745f975e13778da4d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 22:37:09 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f85e5fc-LHR
expires
Sun, 16 Feb 2020 22:37:43 GMT
svecla-1466718343-7133860-600x347.jpg
www.gazetaexpress.com/wp-content/uploads/2019/08/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/08/svecla-1466718343-7133860-600x347.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837bd9a1c018813e0b44cf2d8dab0771160d0239e83c83fed707b041767e6d78

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 15 Aug 2019 14:03:12 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f87e5fc-LHR
expires
Sun, 16 Feb 2020 22:31:50 GMT
kiara-770x380-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/kiara-770x380-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24376a1df61762fec1f4df93d406f28e85a5020be4c13c5db1f2b506e6b8fa47

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 21:57:12 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f88e5fc-LHR
expires
Sun, 16 Feb 2020 21:57:56 GMT
dgdfgdfgdfg-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/dgdfgdfgdfg-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f7accd0933d44583c6e684a0e671391df12674913765f009887f7c40b4c0848

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 21:34:28 GMT
server
cloudflare
age
16914
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f8be5fc-LHR
expires
Wed, 26 Feb 2020 21:35:39 GMT
640-0-5e49889f769a1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/640-0-5e49889f769a1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7463f4d5711bbdeee19f2f57d07fe57614372505dfd3e08144883cbdea152dd9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 21:31:34 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f8ce5fc-LHR
expires
Sun, 16 Feb 2020 21:32:06 GMT
oo4-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/oo4-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
823f57b2ffc3028051eb423339d385048e02d10db96d1438ad91ea4e5e18577f

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 21:22:20 GMT
server
cloudflare
age
17664
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f8ee5fc-LHR
expires
Wed, 26 Feb 2020 21:23:10 GMT
BRIKENA-BERISHA-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/BRIKENA-BERISHA-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db947ad53d13b2dac5235da03246a4efd74d4d9118700ee70fed45a7a94123bd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 19:18:17 GMT
server
cloudflare
age
25072
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f8fe5fc-LHR
expires
Wed, 26 Feb 2020 19:19:42 GMT
xhemal-ahmeti-600x347.jpg
www.gazetaexpress.com/wp-content/uploads/2019/09/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/09/xhemal-ahmeti-600x347.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18f5e98b78de21ddb40f6a5ad4fb0bf6d04753306521640bec62c3877226d0a6

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 19 Sep 2019 10:21:10 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f91e5fc-LHR
expires
Mon, 17 Feb 2020 02:13:28 GMT
ak-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/ak-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1375f40a25ba72a41abb683a650355b08fb242d7bf9b5e0caf0dcb9532c9c8c

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 07 Feb 2020 18:45:12 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f92e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
rh-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/rh-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f16801a0c0b615a188c441ac9b0fda68fb0749b7a9ad1603e3a94514b1f27fd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Tue, 04 Feb 2020 22:06:26 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f93e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
011-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/011-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e267790a62ea876197b6e4ba3de2adbe4f0663b39aa2f5d3643d9bdbe05b7e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 22:45:03 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f94e5fc-LHR
expires
Sun, 16 Feb 2020 22:55:47 GMT
Amiriii-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Amiriii-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de08678ef17f65a0cdffc4ad20e4d355cbeed3eb827654c44de1082564805ce

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:30:20 GMT
server
cloudflare
age
13593
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f95e5fc-LHR
expires
Wed, 26 Feb 2020 22:31:01 GMT
Screenshot_4-47-600x360.png
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Screenshot_4-47-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2026812faf7fc3f1b59861a84f6730b4befb26f4c1a7f51af588ec723bfcd6ff

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 22:03:29 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f96e5fc-LHR
expires
Sun, 16 Feb 2020 22:04:58 GMT
casi-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/casi-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc071a53088d81540b654b7eb8db560f58bd233162f86500c32a328ef4edff5

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 21:59:50 GMT
server
cloudflare
age
15455
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f97e5fc-LHR
expires
Wed, 26 Feb 2020 21:59:59 GMT
Lazioo-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Lazioo-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d644ba6034b822f9ab5cb5aa9be1a163edd73e438770c2f060c4db17350efc69

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 21:44:29 GMT
server
cloudflare
age
16315
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f98e5fc-LHR
expires
Wed, 26 Feb 2020 21:45:39 GMT
roze.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/roze.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90d0cded9720b6d4c487472776555df0db4914ba5bb91fead64cc826bc2d854

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
public
Date
Mon, 17 Feb 2020 02:17:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 05 Mar 2019 00:34:22 GMT
Server
cloudflare
Age
229639
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
566444070e77ce5f-LHR
Expires
Mon, 24 Feb 2020 10:30:15 GMT
2ton-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/2ton-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daf0a97a34d167436ba407ae4a455fb8bcdba8ec3abb7a026cf4dd9b5cc7bef1

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:50:20 GMT
server
cloudflare
age
12393
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f9ae5fc-LHR
expires
Wed, 26 Feb 2020 22:51:01 GMT
bleona--600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/bleona--600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857cdd7b121ec550c80f59857a7ac120a96a198891b1accbc4bf4478a3a19836

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 20:35:08 GMT
server
cloudflare
age
20448
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f9ce5fc-LHR
expires
Wed, 26 Feb 2020 20:36:46 GMT
ronela-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/ronela-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a73d4aaf837115ccdbcca31529f4a4961c468a79dd1ea6eeab3fe0b2dad5bde4

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 19:51:33 GMT
server
cloudflare
age
23052
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f9ee5fc-LHR
expires
Wed, 26 Feb 2020 19:53:22 GMT
beatrix--600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/beatrix--600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c6ba6b3d1250174b1a972112190661fe7311a2b4418f008d60faf7f381b7c3

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 19:36:44 GMT
server
cloudflare
age
23908
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070f9fe5fc-LHR
expires
Wed, 26 Feb 2020 19:39:06 GMT
elvana-1-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/elvana-1-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2f24e0d64a2a4c9c50af8f610f2c15b739787b9069dc8801abfd4a78379fc7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 19:25:20 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fa1e5fc-LHR
expires
Sun, 16 Feb 2020 19:27:14 GMT
ushqimet.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/ushqimet.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73067813a731e393ee1a486d06a4d6ab198c441e0b325c76e558777997c7d80d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 18:38:45 GMT
server
cloudflare
age
27472
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fa2e5fc-LHR
expires
Wed, 26 Feb 2020 18:39:42 GMT
OnionOnFeet-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/OnionOnFeet-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663833fa8df4d25248fbde41dd1d6d69eaf126c23cc55616050173cef845d9b0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 15:46:09 GMT
server
cloudflare
age
37817
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fa3e5fc-LHR
expires
Wed, 26 Feb 2020 15:47:17 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
6242
date
Mon, 17 Feb 2020 00:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 17 Feb 2020 02:33:32 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
cigok-1-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/cigok-1-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b33661efa88eebf2137745080b02cad8df8b3f375b3d58e0012f4357b977bbf

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 12:14:35 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fa5e5fc-LHR
expires
Mon, 17 Feb 2020 02:13:29 GMT
cov-3-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/cov-3-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b97bc424518fa6a2d9d9adeef307ef6e96a18f1c7d603204e76f4191d6bd33

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 15 Feb 2020 22:51:21 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fa7e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
si-te-shtoni-peshe-800x445-600x360.png
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/si-te-shtoni-peshe-800x445-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd72c02b19345aab616e0a95c5f65f85ef875a3483f69afa8067c960485a576

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 15 Feb 2020 11:06:22 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fa8e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
Alush-Canaj-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Alush-Canaj-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d58b5334e8bc4e916f764538dd78c0041269a1c78225bdbf56ab643a40d9b6

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 22:25:35 GMT
server
cloudflare
age
13849
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fa9e5fc-LHR
expires
Wed, 26 Feb 2020 22:26:45 GMT
gsh.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/gsh.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d044fecc0e91a164d3247cd739feca4561083b08e970c3ebf802fbf99dbbcf60

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Feb 2020 16:38:05 GMT
server
cloudflare
age
207545
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070faae5fc-LHR
expires
Mon, 24 Feb 2020 16:38:29 GMT
swift-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/swift-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c2624c22fbf82f951fe9e9fd57a71eb384dc361e3a086dadbad0b9ef483ff4

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 19:45:09 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070face5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
collage-15.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/collage-15.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1737dbf50330e3e550f3d07b82e63214b733c1ac9ff8a3760bf21310dcad32d2

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Feb 2020 14:21:06 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fade5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
teatri-kombetar-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/teatri-kombetar-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c5dd94228b72d1146ae67229667ebd8e59ec2c81b8d71a8f1ffa0632066222

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 12 Feb 2020 13:52:30 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070faee5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
exil-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/exil-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cca5e738569785e8f9ec3c3961150dae38c1616a0a3fb5be8eb6f42461b2860c

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Feb 2020 13:43:30 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fafe5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
rec-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/rec-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921d0ab254f847e586c615b3b122fecd3ef82dc10b94968227bdaf6c57db8bbf

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Feb 2020 18:44:49 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fb0e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
parasite-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/parasite-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
972ec4c1dcd377058048db35de4ee42a44b4d379b15c781f016a63c89100e1e7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Feb 2020 16:55:25 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fb1e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
blerim-latifi..-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/blerim-latifi..-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad27dd88549f4464d1846e5a30d4d646eba05730498722481ebdd1e4ea3a4ec

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Fri, 14 Feb 2020 11:39:17 GMT
server
cloudflare
age
225438
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fb3e5fc-LHR
expires
Mon, 24 Feb 2020 11:40:16 GMT
enver-hoxhaj-komiteti-foto1-1500704226-9466380-1500722408-2633530-1544019628-6391632_1544020078-7237125-600x347.jpg
www.gazetaexpress.com/wp-content/uploads/2019/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/03/enver-hoxhaj-komiteti-foto1-1500704226-9466380-1500722408-2633530-1544019628-6391632_1544020078-7237125-600x347.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff5d2170c4e98e8cadb17687da6f242cbf5d1fadfcf4017394bf7c1a118bf9e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2019 15:02:05 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fb5e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:32 GMT
Science-vs-Religion.png
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/Science-vs-Religion.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3ef662ef1abbe35e99cb4162bc1a7fd194f9029b6d6885e43a6284e2146b30

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Feb 2020 16:41:36 GMT
server
cloudflare
age
231277
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fb7e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:57 GMT
c83ff570331af527d42f-780x439-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/c83ff570331af527d42f-780x439-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13ff9521b020d92d02033440eab2c791570e7312b618707de50a02f5a6ba74e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 16 Feb 2020 15:34:29 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fb9e5fc-LHR
expires
Mon, 17 Feb 2020 02:13:29 GMT
martesaa-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/martesaa-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e8d7232901bcbdd34037cb5fe7431bf18d2cdb5c37a36505df0ff2e4109f5d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Feb 2020 08:38:51 GMT
server
cloudflare
age
63447
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fbae5fc-LHR
expires
Wed, 26 Feb 2020 08:40:07 GMT
horoskopi1-600x347.jpg
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/horoskopi1-600x347.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027cc4cc8d2a4493dff095420bef3681aa29ff71989343b7b18485f58aae345b

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2019 15:07:11 GMT
server
cloudflare
age
230616
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fbce5fc-LHR
expires
Mon, 24 Feb 2020 10:13:58 GMT
859-how-finances-changed-after-marriage-6927408190-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/859-how-finances-changed-after-marriage-6927408190-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12a8eb4f4d6768b876b046a761e72f189e76ca74294eb58a11e48b7c40da16f

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 15 Feb 2020 18:17:52 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fbde5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
v44-600x360.png
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		283 KB
284 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/v44-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5e730035ca3aa8ea7179a7a19bcc00cad9fd0a66baa98823c1ccabd77e7a677

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sat, 15 Feb 2020 09:38:21 GMT
server
cloudflare
age
146292
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fbee5fc-LHR
expires
Tue, 25 Feb 2020 09:39:21 GMT
3-6-587x374-587x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/3-6-587x374-587x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f539842da420266f49928a8d1c5c36ddafccd31b75339963b249504402375fbf

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 15 Feb 2020 07:16:56 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fbfe5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
engjulli-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/02/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/02/engjulli-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277802e037faedce189264ade1145f485ee3b807792d6e4a23b321b3d22ebee8

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Feb 2020 19:52:12 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc0e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
ff-5-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/01/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/01/ff-5-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
325a7cd696c3bcf9ee45cc69b4a1d81de0fe470ee199615c1a537856f7aaccc9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 29 Jan 2020 18:59:04 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc1e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
samsun-studenti-turkmen-600x360.jpeg
www.gazetaexpress.com/wp-content/uploads/2020/01/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/01/samsun-studenti-turkmen-600x360.jpeg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
415150d54cfd87b42df1d0bcb799e083e23fe21bd246778da24feb23ef9f53d6

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 16 Jan 2020 09:32:21 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc2e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
5be9514249b696215a7c14f802edcdc4-1514051879-6618849_1539945844-8822706-600x347.jpg
www.gazetaexpress.com/wp-content/uploads/2020/01/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/01/5be9514249b696215a7c14f802edcdc4-1514051879-6618849_1539945844-8822706-600x347.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adbb6525d5618b941b4b1fa341feb3a90658271fd5cd75bdb9a11fd3ef3e29b

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 15 Jan 2020 09:28:36 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc4e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:40 GMT
planeti-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/01/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/01/planeti-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c313320efb8c431fcfe3ce7afa7c92c09b944ecd074068e570e08d309b134521

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Mon, 13 Jan 2020 23:45:38 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc5e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
alienet-600x360.jpg
www.gazetaexpress.com/wp-content/uploads/2020/01/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2020/01/alienet-600x360.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c6cf15d875e5ea7de4e80c8e8f0de2dff8fd5c3887517a690193a4216244b9f

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Sun, 12 Jan 2020 22:23:51 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc6e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
logo-footer.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo-footer.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca8fb7a8194728b9c16058a207355d712d9dc78ed439465322f5357e6acf30fd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2019 00:34:19 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc7e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
shkabajLogo.png
www.gazetaexpress.com/public/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/public/images/shkabajLogo.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
342773fa0d89481ec7521bd4994beaa6145a54c1b35a1c4f3033bdec36dcd01a

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Dec 2014 10:39:40 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fc8e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
chevron-top.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/chevron-top.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77392f8766632c2c7384609a5a5b7f759c4d5dad0e9d60e54fe7da82e5a51394

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:16 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
566444070fc9e5fc-LHR
content-length
1274
expires
Mon, 24 Feb 2020 10:02:58 GMT
mpp-frontend.js
www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/ 		290 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.3.2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-polished
origSize=331
x-cache-status
HIT
status
200
last-modified
Wed, 04 Sep 2019 23:49:11 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
566444063e09e5fc-LHR
expires
Mon, 17 Feb 2020 01:51:42 GMT
jquery.fancybox.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/fancybox/jquery.fancybox.min.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cea969acd75c4a1d1fd3950c397486ed14625d27777d70a205a8286cae0f3f

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:29 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
566444064e10e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
bootstrap.bundle.min.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/js/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bootstrap/js/bootstrap.bundle.min.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 17:34:42 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
56644406aecce5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
jquery.bxslider.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/plugins/bxslider/jquery.bxslider.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af75344a3c58703523ea517239fb2e61d94e90e3824a5751a873723103e2905

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
231276
cf-polished
origSize=65388
status
200
last-modified
Thu, 07 Feb 2019 17:34:33 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
56644406aecee5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
scripts.js
www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/ 		872 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/js/scripts.js?ver=1.2.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfc8660b7bc66e1df0b0d8c7e1b09c83362acfc3d92a0d5bef8179e7878ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
age
231276
cf-polished
origSize=1235
status
200
last-modified
Thu, 07 Feb 2019 15:01:36 GMT
pragma
public
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
cf-ray
56644406ef2fe5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
underscore.min.js
www.gazetaexpress.com/wp-includes/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 02 Mar 2019 23:51:09 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ef31e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
facets.min.js
www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/js/ 		399 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/elasticpress/features/facets/assets/js/facets.min.js?ver=2.8.1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Feb 2019 13:02:49 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ef33e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
wpFeatherlight.pkgd.min.js
www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-content/plugins/wp-featherlight/js/wpFeatherlight.pkgd.min.js?ver=1.3.0
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Aug 2018 01:52:48 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ef34e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
wp-embed.min.js
www.gazetaexpress.com/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazetaexpress.com/wp-includes/js/wp-embed.min.js?ver=5.2.2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Dec 2018 14:46:21 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
public, max-age=31536000
cf-ray
56644406ef37e5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.gazetaexpress.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
pubads_impl_2020013001.js
securepubads.g.doubleclick.net/gpt/ 		167 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
sffe /
Resource Hash
06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Jan 2020 14:09:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
62230
x-xss-protection
0
expires
Mon, 17 Feb 2020 02:17:34 GMT
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.94.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-78.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 14 Jun 2019 00:49:06 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Mar 2019 16:01:33 GMT
Server
AmazonS3
Age
21432509
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
X-Amz-Cf-Id
L6iiVgQ00M07U4rnh3LSmEZ4kcN4vSdxuUwtNvDelekXh9_ye3XZIw==
header-bg.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		159 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/header-bg.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7385bfde4c121c81486ba15fd68e6d02058b8dde2853b57c79d4088d53aed62b

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.12
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Feb 2019 15:01:17 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
566444070fcae5fc-LHR
content-length
159
expires
Mon, 24 Feb 2020 10:02:58 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 23:32:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:50 GMT
server
sffe
age
1046734
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
16112
x-xss-protection
0
expires
Wed, 03 Feb 2021 23:32:00 GMT
search.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/repository/search.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430eeed0076e4b943d324406f5402477e3878768474537eec934106d356b7161

Request headers

Referer
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/css/style.css?ver=1.12
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:28:08 GMT
server
cloudflare
age
231276
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444070fcbe5fc-LHR
expires
Mon, 24 Feb 2020 10:02:58 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 23:42:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:24 GMT
server
sffe
age
1391699
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15764
x-xss-protection
0
expires
Sat, 30 Jan 2021 23:42:35 GMT
intersbc-webfont.woff
www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/ 		0
0
t7-live
video.gjirafa.com/embed/ Frame DEDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://video.gjirafa.com/embed/t7-live
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.1.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
X-Frame-Options AllowAll

Request headers

:method
GET
:authority
video.gjirafa.com
:scheme
https
:path
/embed/t7-live
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://www.gazetaexpress.com/

Response headers

status
200
date
Mon, 17 Feb 2020 02:17:34 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d01252bdc41b2611d5862b68e22a699211581905854; expires=Wed, 18-Mar-20 02:17:34 GMT; path=/; domain=.gjirafa.com; HttpOnly; SameSite=Lax; Secure ASP.NET_SessionId=evy3habi3y53vgadejvnngg1; path=/; HttpOnly; SameSite=Lax _mgTraffic=B; domain=video.gjirafa.com; expires=Sun, 17-May-2020 10:17:34 GMT; path=/; SameSite=None __gjci=c4ac0e58dc8d4ae2b6d212c8374ddb93; domain=.gjirafa.com; expires=Sun, 17-Feb-2030 11:17:34 GMT; path=/; SameSite=None gjs=ovh.gra2.win.web.14; path=/
cache-control
private
vary
Accept-Encoding
x-aspnetmvc-version
5.2
x-frame-options
AllowAll
x-aspnet-version
4.0.30319
x-html-minification-powered-by
WebMarkupMin
x-powered-by
ASP.NET
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
566444078e22dc3b-LHR
content-encoding
br
Screenshot_3-51-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/Screenshot_3-51-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d207a477226b283dc07dc414dba49f80224469ca61b349983c270cc59c47430

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 22 Apr 2019 07:45:20 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444072fe1e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:44 GMT
Screenshot_4-40-600x360.png
www.gazetaexpress.com/wp-content/uploads/2019/04/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/uploads/2019/04/Screenshot_4-40-600x360.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a1d3850f9b2a184d243e0a2897af8359a51ba52ab2d3048f04e935f64f0fcc

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:34 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 22 Apr 2019 07:49:35 GMT
server
cloudflare
x-cache-status
HIT
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444072fe3e5fc-LHR
expires
Mon, 17 Feb 2020 02:15:44 GMT
sdk.js
connect.facebook.net/en_GB/ 		194 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=ffac38bf26800e0878048618e5d5a81c&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f87d6235ea7e88cc54c43ada37c80bf955f423cdf352ca05c0838cdd1740e87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VVob24UV5HdE4XWsDJPcBw==
status
200
date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
expires
Tue, 16 Feb 2021 00:55:24 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
59545
x-fb-debug
oAIfSdQhqGpL/2q7rpKitwuz0uNb17oxht7JAd4cIxJwcLP4Tqq6a4Y//alR2egly9iN56V5YH7u6YyY4PJEjg==
x-fb-trip-id
1850256238
x-fb-content-md5
5b7718955a5799e50ab52f8f6c4b77d0
etag
"0d151a71d9e7bf9c9273288a4c0aa662"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Tue, 04 Feb 2020 00:05:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:02 GMT
server
sffe
age
1131149
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15948
x-xss-protection
0
expires
Wed, 03 Feb 2021 00:05:05 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j81&a=149355693&t=pageview&_s=1&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%...
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=149355693&t=pageview&_s=1&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_gid=195046397.1581905855&gjid=1408789195&_v=j81&z=1464888103
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_v=j81&z=1464888103
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_v=j81&z=1464888103&slf_rd=1&random=802655211
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_v=j81&z=1464888103&slf_rd=1&random=802655211
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6427330-1&cid=1440873597.1581905855&jid=1051365991&_v=j81&z=1464888103&slf_rd=1&random=802655211
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j81&a=149355693&t=event&_s=2&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%AB...
  • https://www.google-analytics.com/collect?v=1&_v=j81&a=149355693&t=event&_s=2&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%A...
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=149355693&t=event&_s=2&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABB~&jid=&gjid=&cid=1440873597.1581905855&tid=UA-6427330-1&_gid=195046397.1581905855&z=1233803000
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Feb 2020 17:03:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1070068
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j81&a=149355693&t=event&_s=2&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&ul=en-us&de=UTF-8&dt=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&ec=VisitsSource&ea=Website&_u=IGBACEABB~&jid=&gjid=&cid=1440873597.1581905855&tid=UA-6427330-1&_gid=195046397.1581905855&z=1233803000
Non-Authoritative-Reason
HSTS
6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xKydSBYKcSV-LCoeQqfX1RYOo3i94_wlxdu.woff2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c8180d1998460b559dee08da2ff6e3acf7a093090cc30bd43d8446006cfac6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C300%2C400%2C600%2C700%7CRoboto+Slab&ver=1.0
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 22:56:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:42 GMT
server
sffe
age
1394465
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
15824
x-xss-protection
0
expires
Sat, 30 Jan 2021 22:56:29 GMT
quant.js
edge.quantserve.com/
Redirect Chain
  • http://edge.quantserve.com/quant.js
  • https://edge.quantserve.com/quant.js?https_upg=1
13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.quantserve.com/quant.js?https_upg=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.176 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17-Feb-2020 02:17:34 GMT
Server
QS
Etag
M0-56c8c653
Vary
Accept-Encoding
Strict-Transport-Security
max-age=86400
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5651
Expires
Mon, 24 Feb 2020 02:17:34 GMT

Redirect headers

Location
https://edge.quantserve.com/quant.js?https_upg=1
Date
Mon, 17 Feb 2020 02:17:34 GMT
Cache-Control
private, no-transform, max-age=86400
Server
QS
Connection
keep-alive
Content-Length
0
Expires
Tue, 18 Feb 2020 02:17:34 GMT
fbds.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/fbds.js
  • https://connect.facebook.net/en_US/fbds.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a21faa053f757bd5d40ddb20c97d4394ffc9b87dc84009a22fbbb451dc61ef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
TneI2a7F5EkU5e6/xdKOfA==
status
200
date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
expires
Mon, 17 Feb 2020 02:37:16 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
2118
x-fb-debug
OlwmHpSzPwcuftp3tVuUZYqgPlB9uojonM7Wy/Fm59UtFSZ/mnO3sg/tODr6McXjfFY4EPCo4paIq3iM2JkteA==
x-fb-trip-id
1850256238
x-fb-content-md5
e987ade5f855e3ea017600a593608a23
etag
"32dcf7925a86fce68836552f5ae46c1d"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5

Redirect headers

Location
https://connect.facebook.net/en_US/fbds.js
Non-Authoritative-Reason
HSTS
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
jI+oFIHhTrS/fSpqZ+RsY5QU/YcLHmLicbInKiSdWZl5WN/+tnkNgjmy/QX9PHjE1PWG44oVgg4rhrSRhZB66w==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
projectagora.min.js
projectagoralibs.com/libs/ 		349 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://projectagoralibs.com/libs/projectagora.min.js
Requested by
Host: twpasol.com
URL: http://twpasol.com/c/gazetaexpress.com.js
Protocol
HTTP/1.1
Server
2606:4700:3030::6818:6d7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16e86f16bd7a5997e6031e5dd47b67b07903d3a2225ac9e573d4204d75c3f964

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:34 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1840
Content-Type
application/javascript
Connection
keep-alive
Content-Length
100408
x-amz-id-2
gA56nS7DTqTul3r1m8hVaS5sjDb5Hcusl0EIZBpd9pyuyP2rBTuCKu3acVXxfudXKmzULSJ3ZfY=
Last-Modified
Mon, 03 Feb 2020 14:15:35 GMT
Server
cloudflare
ETag
"3298ec06c3f16aeb27f3fb18d0f367ab"
Vary
Accept-Encoding
x-amz-request-id
8BE4FD532799DC83
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
566444080b5ad6fd-FRA
intersbc-webfont.ttf
www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/ 		0
0
/
www.facebook.com/tr/ 		44 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=211121436486198&ev=fb_page_view&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1581905854790&sw=1600&sh=1200
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 02:17:34 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lajmi%20i%20fundit%20n%C3%AB%20Kosov%C3%AB%2C%20Shqip%C3%ABri%20dhe%20Maqedoni%20-%20www.gazetaexpress.com&time=1581905854794&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fwww.gazetaexpress.com%2F&random_number=4410769654&sess_cookie=64a3861417050efc149e25e0915&sess_cookie_flag=1&user_cookie=64a3861417050efc149e25e0915&user_cookie_flag=1&dynamic=true&domain=gazetaexpress.com&account=OPTMe1aoiI00Ua&jsv=20130128&user_lang=en-US
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 16 Feb 2020 21:46:20 GMT
Via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-amz-meta-alexa-last-modified
20110117123941
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
16275
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
-_fhiKg4uM_PvO_DmymnB24AG9FVUTylIf63wCs1h-7OTrba-yKinA==
test.png
a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net/
Redirect Chain
  • http://cloudfront-labs.amazonaws.com/x.png
  • http://a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net/test.png
58 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net/test.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
99.84.201.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-201-217.lax3.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 74d35431a23bfc97a6055173d9be2dc4.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
pnKpACbKfGXmCdrtehTtTt1bKBC1-oFEu4y7cvIl00jmxslQpvIzEg==
Expires
Mon, 17 Feb 2020 02:17:35 GMT

Redirect headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Feb 2020 02:17:33 GMT
Server
Server
Content-Length
0
Location
http://a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net/test.png
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4385251399603885&correlator=3684208577031135&output=ldjh&impl=fifs&adsid=NT&eid=21065304%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200217&iu_parts=74207979%2Cadxp_gazetaexpress_160x600_HB%2Cadxp_gazetaexpress_300x600_HB%2Cadxp_gazetaexpress.com_160x600_right%2Cadxp_gazetaexpress_HB_728x90%2Cadxp_gazetaexpress_HB_300x250_D_1%2Cadxp_gazetaexpress_HB_300x250_D_2%2Cadxp_gazetaexpress_HB_300x250_D_3%2Cadxp_gazetaexpress_300x250_mobile_1%2Cgazetaexpress_test_hb_300x250%2Cadxp_gazetaexpress_HB_300x250_mobile_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=160x600%2C300x600%2C160x600%2C728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&eri=1&cookie_enabled=1&bc=23&abxe=1&lmt=1581905854&dt=1581905854813&dlt=1581905854341&idt=457&frm=20&biw=1585&bih=1185&oid=3&adxs=143%2C-9%2C1433%2C470%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=225%2C-9%2C225%2C49%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4206218631%2C3618061427%2C4027716477%2C1376028450%2C2904518949%2C3788665600%2C3852554850%2C537267373%2C1682953793%2C3692762762&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.gazetaexpress.com%2F&dssz=59&icsg=3377699720790015&std=0&vis=1&scr_x=0&scr_y=0&psz=160x600%7C0x-1%7C160x600%7C803x90%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=160x-1%7C0x-1%7C160x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1440873597.1581905855&ga_sid=1581905855&ga_hid=149355693&fws=0%2C2%2C0%2C0%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
90cbe3fcd91913282ff0c668297e4b77ce48f7a5b8b0f2c2b3ebceee550273a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
371
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2020013001.js
securepubads.g.doubleclick.net/gpt/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
sffe /
Resource Hash
ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Jan 2020 14:09:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24903
x-xss-protection
0
expires
Mon, 17 Feb 2020 02:17:34 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
empty

Response headers
672076466251367
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/672076466251367?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a43da37e3657dee8b2824752a921ae0a9caec2d2bbc5326927661fb46531952
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114917
x-xss-protection
0
pragma
public
x-fb-debug
nzhGKTumNkeW5yaCIUElOcte0h7+l35H0pYkHtxQxd7onzoApDI3MtDz/mq1nipixxZEIAV2thWASTphW9ue3g==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6025887620575&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1581905854903&cd[value]=0.01&cd[currency]=EUR
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 02:17:34 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6025887912175&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1581905854903&cd[value]=0.01&cd[currency]=EUR
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT, Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 02:17:34 GMT
cmp_shim.js
d2zv5rkii46miq.cloudfront.net/0/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d2zv5rkii46miq.cloudfront.net/0/latest/cmp_shim.js
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/projectagora.min.js
Protocol
HTTP/1.1
Server
2600:9000:2156:f200:17:5578:e080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 01:43:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2019 20:25:44 GMT
Server
AmazonS3
Age
2045
ETag
"1de86d90311bcd5ee000f2f732b294a9"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1698
X-Amz-Cf-Id
_MCVN7S40ivutq22mX356_PQomvAB_yaIYf_if-rWVYMkyhcYLEGgg==
teads-format.min.js
a.teads.tv/media/format/v3/ 		723 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/76285/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9dde00583784e2fdc1844f508484e07903850efb006e94122b0be49b30789bb1

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 02:17:34 GMT
content-encoding
gzip
last-modified
Thu, 13 Feb 2020 16:07:53 GMT
x-amz-request-id
D2C9A95F1BF65A04
etag
"74f4a58acac5f7cbf60016af64ae4250"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
private, must-revalidate, max-age=600
x-bucket
f
accept-ranges
bytes
content-length
193585
x-amz-id-2
FX+cbxgAL8uqkMhEqk0GUQSmWMzeHBuRxNynaVMsbsXLEX4S/K9B7w8jZQ3N/4YGVbYZtROVD7Q=
expires
Mon, 17 Feb 2020 02:27:34 GMT
rules-p-Z2HwmmFSucHCB.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js
  • https://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js
3 B
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
3
x-amz-cf-id
3Skpr4XmIwBSZLzoDFCwYpZo0gtUcL4dnLNnOFxHTwDeCJLDXOKLvw==

Redirect headers

Date
Mon, 17 Feb 2020 02:17:34 GMT
Via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-Z2HwmmFSucHCB.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
stZKK6Sk0E6GLDo2B8FS8e5SNHMrC3s4yYIXnMSQ8M5Bta5pHdHjqA==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=4385251399603885&r=300x250&w=300&h=250
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zTgcnrOTkObvIQkmOzQkXg_zQRnnRZYAFk36Yzr6GvXidh7iUQAMR_HodIURV6qCKksUmLFq3I7Sb6Lix0Re1kNh9etY4dZpIdC-2iejCA7T5WdVXTgV1Y-lEE_o5KX1CUZoq2nj__7-blPZrgwcjk5jmzkbyNpSHXmyQXBgY7c2_I3v_6PylYyPr9-7H4iJNx4Ok...
aj1431.online/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zTgcnrOTkObvIQkmOzQkXg_zQRnnRZYAFk36Yzr6GvXidh7iUQAMR_HodIURV6qCKksUmLFq3I7Sb6Lix0Re1kNh9etY4dZpIdC-2iejCA7T5WdVXTgV1Y-lEE_o5KX1CUZoq2nj__7-blPZrgwcjk5jmzkbyNpSHXmyQXBgY7c2_I3v_6PylYyPr9-7H4iJNx4Okp64gps5pToClBmF8irmjbRFuD8OFoI1vFyGuTCVMXwt8KFZjoz3m8gEqdz6ovdCNzTSsIZ9nFeukb4IR4z0qbE-dUrN681VlkvKFujUy4KffXicUAuS1uMuARXhd5uxKzouXD3A9S0IbDGP1yui97aCnEKBi3AC7L0TkyzJXqg_zwTSUfD-o2NJF01mlxHzs67_exXv811QHuz0zZjm4LGVAAqWDq8w1UuYUeSovBZsiyQZ2Sja3zrbKRQ?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
9096329a599e94711d7cc6eaee01464f944a9f38a762127d9a8a00ebfad9d5e9

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
1351
expires
0
zT-j6Zqs9awqR7zEhjwZxJa-OxLhpE2YVmepfVLgbnbTGmLySEnRIRWWL8AJdMoKY8zhrhbGZnV0jwj4a3HcrrwQG_uXcC-sxRC4YNNVRMs_ScijwXpieCY9vzLKJOcWJD1k64rzl2KRlrPrLIO72XWRhOAyjBdAVO2FnbBf2LAuD-uRi0CPRFEy_zoE4e5OLKsNU...
aj1431.online/ 		815 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zT-j6Zqs9awqR7zEhjwZxJa-OxLhpE2YVmepfVLgbnbTGmLySEnRIRWWL8AJdMoKY8zhrhbGZnV0jwj4a3HcrrwQG_uXcC-sxRC4YNNVRMs_ScijwXpieCY9vzLKJOcWJD1k64rzl2KRlrPrLIO72XWRhOAyjBdAVO2FnbBf2LAuD-uRi0CPRFEy_zoE4e5OLKsNUEUa_-ZR5zyOEnLTGvUMurba9a6GP2IBKPIEbRPJAVGhZhFpVX51dLX3r02fIUXnyIvY9VGdYLMzQjBaxAT7qnEyOkbBnpTQnwNRXT3S_8TkNPmSs_gzu5tgxkYg6GtEFDjhyweHGy04jTTe8iBjf2ZdUkk1I6mERgIYCiCxqKZi-BMXQ8ycsfPLF6apEpDIKTl1KKw5-GGFZiX7GLtA3lpgnEo3C7BSDiNOLHw5Fw4T7QGwkHTLgw-OaEg?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
25c0ec8bd6e21fca06448644f94cefd062846094951b91c872338365e4a3d913

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
815
expires
0
zb8PV2wlhRJqnocb283zQVaqOpz3Wg0cNLfZa7ZuctdilWaFFX6dn2oswKHFNwLMBfWswxRUSg8JFont91zOKY3qcLxbHPPsUpLnxIcInPzj6T4lO_BSYNjZkx1rpDMgI-Ou8KgbTDMgs0JjCNcw2XLIeUMbQpBNCuGpKopcUuUY3vMy_WFCwRDQxHjvYGer7ZQ_G...
aj1431.online/ 		789 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zb8PV2wlhRJqnocb283zQVaqOpz3Wg0cNLfZa7ZuctdilWaFFX6dn2oswKHFNwLMBfWswxRUSg8JFont91zOKY3qcLxbHPPsUpLnxIcInPzj6T4lO_BSYNjZkx1rpDMgI-Ou8KgbTDMgs0JjCNcw2XLIeUMbQpBNCuGpKopcUuUY3vMy_WFCwRDQxHjvYGer7ZQ_GJuV6MO_KDU_GwT0tQz7bS9gtKFycHFH4WunagyhraZsGR67rWN8uGUN7kDd_QlEsmslGkrRkPzp4CeK3faVA5K_YWPqP9F_agITeS1HBYB4TPAVZT6MWAgtrzUowuLkFW41oVQcqvsdY82eD6BCAXgJ58SEU0Ng_KX65rwsuP0-zLdgxRTBgg6eTM_gRV2eIkKwn5sqYg_C7qCrgQmKOANG752tMx6pMZPnRJwlpmYRWD-Z3HTO2k-OZRw?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
999f5e35226d951294677ead57900c14c19422fdf47206c78d020b1f3dd63f5e

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
789
expires
0
zUgNhUvf1MD3KEgz14Jr_uUcnploocexm6gpRlsykpamEmmW9j-dKybEbIuHEasmP2nlgi9iMxO4h-4j8tTWS8tvyiiB4bCVFfS7o1HPQH9HbVRxbWqOH1GKfcvzk7EenNBRryWvouNWGLXRopxFQWpCnqEf8bcZMqYCtLGimRxS_DRvLQa7ZTSWn6w2UmAMSdxZu...
aj1431.online/ 		553 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zUgNhUvf1MD3KEgz14Jr_uUcnploocexm6gpRlsykpamEmmW9j-dKybEbIuHEasmP2nlgi9iMxO4h-4j8tTWS8tvyiiB4bCVFfS7o1HPQH9HbVRxbWqOH1GKfcvzk7EenNBRryWvouNWGLXRopxFQWpCnqEf8bcZMqYCtLGimRxS_DRvLQa7ZTSWn6w2UmAMSdxZu2Y3DN_yPrW8d091_Y4aAZnHYuSPS1S5P-WpXVdpUTKpCHDpQfFTBJpuPwUEQOMkkLUXfxdZ1TRZvfxBb_ivZcxpC9Q2Fy6e1IDXUl7_mzYG-6aRJS9BLc5lO6X_GhsYPiy9CHggva6VyeQuKB9N6LQekLz3sbp_MQfR6yk_K1wqTzZ5VujCDJF7pcgjp8To2DRGw38aF_fiCMatVtgWwT-ENh2cWtmmKNyr5BHqapiefaJNxS2C_kLTKRg?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
b008ce77447340aa37a70816898aaa4804b711a4494a1d8d97bd3bcf4850588f

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
553
expires
0
zXsGT-pNTR2yz8G5n27qTCS7PTJ3dy-3oLnj-ObLvEjW-4NaTM6NZzqMnd-HknueuXJtTVDtuATftiLtIoA-LNrmDekHKul9b84bhB16LkYZdWpke8AD5AFyrP3Fq98FycHz9xU0aDRJsa95Ag54BonIsz-5voqyfp3ELPsmhS8Qvy3z-bGDTIfHVN-9ULJbtaA21...
aj1431.online/ 		809 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zXsGT-pNTR2yz8G5n27qTCS7PTJ3dy-3oLnj-ObLvEjW-4NaTM6NZzqMnd-HknueuXJtTVDtuATftiLtIoA-LNrmDekHKul9b84bhB16LkYZdWpke8AD5AFyrP3Fq98FycHz9xU0aDRJsa95Ag54BonIsz-5voqyfp3ELPsmhS8Qvy3z-bGDTIfHVN-9ULJbtaA21fCYHzcb3vk5_2xKONFlYAY6ovLKT6rGVmtNKqBina95qpHjMFeo9w2QlbKBg0oHYzHEMvb3yVT1zGXa8EXlnJNl7sljxCOofmqv3_TWAbuoW7dnCdKxZNYw-p9zjx_oiaRMcaGnx__JrafazjnNk0RbCZHJYA5SwpNqgsFmmhE0fBxyZJdEXQsmb62sTYIwMJavztQ7dbvm17GOwBQE_0y-06C3Sgk4WLkXJ4Kd7etUv4_t0HWa-xeKbTw?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
693d33bcfba537c0afaf11c7e94693c32c4a4c3cb9cabd639f7e1cb313d600a2

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
809
expires
0
zwMkYKrtZRbjnhGAIJ0DseiGcJAxIxXWtOVHKgB-_yowFg5R9ZRI2b5Cnx00Xc-aTDNjnkjavzg2MmF_YBbAcOLxCYy_-V2qcXGzaTHUwIOY_NLp4Ivzl1rT09qBf4srRew69NjtPcLsrCMRZW05F9kgHcaEySE4SgWI26H9dKGE5RollGvmElb1N_4bmFj_Ulv_j...
aj1431.online/ 		802 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zwMkYKrtZRbjnhGAIJ0DseiGcJAxIxXWtOVHKgB-_yowFg5R9ZRI2b5Cnx00Xc-aTDNjnkjavzg2MmF_YBbAcOLxCYy_-V2qcXGzaTHUwIOY_NLp4Ivzl1rT09qBf4srRew69NjtPcLsrCMRZW05F9kgHcaEySE4SgWI26H9dKGE5RollGvmElb1N_4bmFj_Ulv_jmwatLm4zYjb3zlr1TGRtx94BQBlwdrTzvWOTYesvuD5Y8i3cBUKgwQ4VcMNvGb1sT8lHJKwu9r4P5xYMvZSQSM5nnQSXkS9ub-7aRLMLJPNfBN8t1Mg8gkhjrEFFb_2ciKA9CfopwNZdFVwel66rShKtPbBIsDgdaF-fo05vlpCy-0eGy5X-es8hER7edfElG4CMJEUdmiCAN0z1upfC5TIlZ_aM8kLa65yG9FDz-t-IkrwiRDS-zuObRg?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
dbc9138aefec3cd376bfd7813abc8e03616da9b484594a039a9ee09e29aced03

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
802
expires
0
z_1l52f43iQf-uyJ80boZ87RxK06QsoOqEmCqn6DTLoIoXaWoLBF_1Lf4Pz4tROFqW38wW70UFylMVGIkQMp1-DwlxyIoTNnBnv0wv9sFh-Bu55KZiGylRsf6Zwrz_IpcDNV1ZZa-Tha1IDj7bVBxpjOYoOB1NJKH2j6iVmigDf8n2BkWuJ6u6G73A83mVj4ouskt...
aj1431.online/ 		804 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/z_1l52f43iQf-uyJ80boZ87RxK06QsoOqEmCqn6DTLoIoXaWoLBF_1Lf4Pz4tROFqW38wW70UFylMVGIkQMp1-DwlxyIoTNnBnv0wv9sFh-Bu55KZiGylRsf6Zwrz_IpcDNV1ZZa-Tha1IDj7bVBxpjOYoOB1NJKH2j6iVmigDf8n2BkWuJ6u6G73A83mVj4ousktryS5QiOonxUjHuepg5ZUTmBXCtVyODlrbTmwk4g-ZulNwBsDZ5VpXAeqZX-YpqqmjeZJNae2TX-RGSKpYTJ3FFd9rywxaI0tG_xtvdja64ag6xsFTYrpJ5QlbyZAmWbqLtHxAlVgx6GmFVtZCzU1-4QUCjKQgooPGNpfgqC8RcCXQHTmPiyqek4Z1oKgGZqpMP6UT7ePAjBMSW0i7c2dKYfZpGaHOEJDMdccAX_wvp92MSIiTTHiw-SaTw?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
9317fc42ed29b3ae5c925c9d1fb98a4310f793eae1f91ec4cefb8721e353efb2

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
804
expires
0
zxd1PLsSk_QZr_eNl5S32h-QWS1wkoJCThymwqhedh6E02W2yy0O6vgXy8X9ZmXGuXXRg1zfzuRjCzOnqxVf9WTywliliIcinrhQmv15uE_Ci19J6YcAW_dP3eM_e5lPZnTzPaMXjFhhsl8qakJUnVBjNNM7INxDxlDUCEoILYhiS3Xt2RfB19uPKb80Wo7Wi40Ib...
aj1431.online/ 		552 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zxd1PLsSk_QZr_eNl5S32h-QWS1wkoJCThymwqhedh6E02W2yy0O6vgXy8X9ZmXGuXXRg1zfzuRjCzOnqxVf9WTywliliIcinrhQmv15uE_Ci19J6YcAW_dP3eM_e5lPZnTzPaMXjFhhsl8qakJUnVBjNNM7INxDxlDUCEoILYhiS3Xt2RfB19uPKb80Wo7Wi40IbYDa-y4xs1fZH09zZ75viXx8HXmKzjZn7Hyx4d8khr2BptpBNh4lt2RH3VVt7H_6h3aGUENVeprMBX-XkhL7HKJI7w-hqFa7XcO3UKL_dYGJ2k6A84T0hh6SAKKiTkpj-vyWOjqcoLwFyZqAgcKYKvA8RBVt5f8Saz-8ZrLIYHCnMlAsCjP2KuHKlj_fh8mJOdaCkC-Y99Nt8ZmpotO70qm3LJTiQFWGYtqalGmtaWvEnD1YjHTq_lbTPEw?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
61f17d8978659e536176cfaf194f512d4aa0e01b2174942b0e69f9029430d6b0

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
552
expires
0
zxP2RAKSLrFuPGIfolrJjhWWHUOm0CG8GvzLIdA-KQPjuGO6zRSXyn-jrE9kN6JfDJkO2s1P1RZnNxD3sQIIwptNlk0NhXe4hR98rdMrvGBXV97Abvz-ml4tVpGMpiBQx832J93SIpzrqFTGtc7FAdDuyoFneYqVYS_54YMtWuYn9GN6oypsVMEUXdT9M7pw14f3f...
aj1431.online/ 		789 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zxP2RAKSLrFuPGIfolrJjhWWHUOm0CG8GvzLIdA-KQPjuGO6zRSXyn-jrE9kN6JfDJkO2s1P1RZnNxD3sQIIwptNlk0NhXe4hR98rdMrvGBXV97Abvz-ml4tVpGMpiBQx832J93SIpzrqFTGtc7FAdDuyoFneYqVYS_54YMtWuYn9GN6oypsVMEUXdT9M7pw14f3fPlC7cxzUl2nPOFhWE-GSKLY7zisazJhzybBvu8GwWG2_vNEriwIx7rM7nukN35IowLiEuw46Rqo7bQLIy20JX96HUFdah4enbPSMBcrrnEN8nKOHcenaSX6pC2TK2eiVOao-P8JcFHI1b_5eU6OaWTSjVu6xYYzMqf47suLRub33Kn9apN31_BlgDkiBAWiRVOMQXLwbZMtT_4u1d9mCEG71DRQoKkRjOg_adR-Rj3ro8U5yTWe_xbbPRA?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
8d7e23f57aaa93fb2758d37d747d84b63dde2cf1352ee37d009c260199912cbd

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
789
expires
0
zL0WVNVA1igCaqrYiOILmbdc_QGq3Tf9vmIJsFIs_e-YcvfJYa_0uUYVasuNSA7Q2OnxVVKjIqvD0cH_Ih7a7z8MN2CXwL4fvhrPbbLUpWp93eMHIIytHaVZiWvIg31nZuR2jaj3ljCBeYBgZJV7Icg6tv1aGh2VswXta5zBRRfIp1_QIq74KFyAL34DuA9mo-JQj...
aj1431.online/ 		552 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zL0WVNVA1igCaqrYiOILmbdc_QGq3Tf9vmIJsFIs_e-YcvfJYa_0uUYVasuNSA7Q2OnxVVKjIqvD0cH_Ih7a7z8MN2CXwL4fvhrPbbLUpWp93eMHIIytHaVZiWvIg31nZuR2jaj3ljCBeYBgZJV7Icg6tv1aGh2VswXta5zBRRfIp1_QIq74KFyAL34DuA9mo-JQjJwMivjyR-ejOTJ2b2DepPhc6XtcxHyLgegdZiQiLgMvvy8hV4GNDg6n4CbTh-c2Gi79jcQqXnBsvLLBv0OY6WGrXmvq1QNe4G5l8wMMFeJhND6ONUV5ofFwIkPYGtn_bX9aANJs_fd_aapbc-A6OnsGJMshJEDofR2ZSwv692nCATd64Mb3iV0JyAKI2ovRIzxeEgSG7nwWG32B7Jy-hCK9gRDIaAmB9KU-edfw_RdRBshojHTDjlOGcEA?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
7418ca45128044009c95d8eb0b9c02421f842edbf48983373c1bda9603956afd

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
552
expires
0
zmfNwG5cP1C7C6UB5dZZS1ZZrSqAcbzf5jhieFkCH6mebeoHQjL3oPS1XgnhnZyA7NbVjylhi0ymcfXUQJ3RizpMg7PdF7HhqD6jhu9IjhZHwkZjlVqLgS9Hyb0CqQ_UA0iVjVRJ3XKOGwERwWdXuBV0DtsWtwkV1CUTIGbktbI2dZUirbOmvVstI2MWujxJ6H9jJ...
aj1431.online/ 		551 B
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zmfNwG5cP1C7C6UB5dZZS1ZZrSqAcbzf5jhieFkCH6mebeoHQjL3oPS1XgnhnZyA7NbVjylhi0ymcfXUQJ3RizpMg7PdF7HhqD6jhu9IjhZHwkZjlVqLgS9Hyb0CqQ_UA0iVjVRJ3XKOGwERwWdXuBV0DtsWtwkV1CUTIGbktbI2dZUirbOmvVstI2MWujxJ6H9jJaJpez3NqIYVULvdwVPWOF-cPi0pDfGQt02qgwWNZkEw8mkCS0N0vCRU3FhVAQ7o20um7wvIFxS7WPbmV0qm1EcFh-S0WoOfHjQIM08a4gC99WQUwsg9FwadsbhgQR8hxgWefXjVLLbPCrg28qru0ZDSMWO5RDvm_9sJM1b0_FUkr_xbGJ6EW59OnFvAWq_Z0RpcipJXi1qN_Fv9x-D2lT3bTzw0eTrYtLXPRaRruRJ1C0Bs6fxg0vpe0wEc?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
f4344622809a436c0cb33db413543d25cb01382443fb50ae7d32ce63bad9f871

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
551
expires
0
z6hfScA3natzWhhKiKsd9vCtIq6nMex0e4sVbml4FediRwXxTfwxqJ_SYz5taNCF8pBGCuCEN0sS2z9w9hxxe8Q9Uh4PdQcv79UXX3fk8KocsE7NdTADxnupkYsypgmu3XS_AJQmfD5Lqw8VSdYfY2ZICjWI1-E4I7yAmIRz2nJBkEq3t3aJSXRE2sDeud1Jhgt-B...
aj1431.online/ 		790 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/z6hfScA3natzWhhKiKsd9vCtIq6nMex0e4sVbml4FediRwXxTfwxqJ_SYz5taNCF8pBGCuCEN0sS2z9w9hxxe8Q9Uh4PdQcv79UXX3fk8KocsE7NdTADxnupkYsypgmu3XS_AJQmfD5Lqw8VSdYfY2ZICjWI1-E4I7yAmIRz2nJBkEq3t3aJSXRE2sDeud1Jhgt-BruatOeilamn5T864k5H772ibDZq_9j-XvtPwtqhxf5kn2Dyxge8OUd-qTwaynQvFDPrc0guzM-b9U2NrVX3Z-HCeMqF0eshLSL6mkDnxdg1GhdoEkYtZV77IdYSMq2k1ssDOPmtfF2Fscb1ztz2Yfzl75ZVVYOYK7AfVZStgCbON_ADAGeHh3-ckJScXN_5L77b2GJbCoLPUXFDodLAoPY2aVGTAEftp-RhmbKTuZB8duzpFIhkys5TiyEE?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
27775a4a17160c844d79f5bcb0fb493288e825754320f6ffc2fb59a7805f260e

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
790
expires
0
zcglENpq3_H56yAqfV2qAM3oGKCtNg9oD8heAyNBPLUxpwP1HKi-H6rGvycUXh3y4np-F6Y92MmegEGfAndADBqA5WVoV6u6oLCjn6fMRCwLXjktd68Vme2QBP4TC3kooQukssHeaCVFLLe7HJxRIY24mX2uEM02Xm2o6Mx0dS4DhHp73WLU7JjZ3CdxlSu99_zMa...
aj1431.online/ 		553 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zcglENpq3_H56yAqfV2qAM3oGKCtNg9oD8heAyNBPLUxpwP1HKi-H6rGvycUXh3y4np-F6Y92MmegEGfAndADBqA5WVoV6u6oLCjn6fMRCwLXjktd68Vme2QBP4TC3kooQukssHeaCVFLLe7HJxRIY24mX2uEM02Xm2o6Mx0dS4DhHp73WLU7JjZ3CdxlSu99_zMaKNHDstHOSNHW0kOJH7fG0WqZ7XYslWPeJyH2A7LLu7GBY9aLTuoIpqyrFw8oRv9gtlkFzhHrL5-FdnDDBY7jm7DWxGE4gkoHPPOyA909hIvLAjf7zUA_5ECrJJDnTaqcLTn1ebjd71XyGAhKo9lZuVQZpPaGKnYn1Qi9EuSCBhQ43FB4Xa5ULJm_O7KUamuCdFivDyiJ15tmG1oAEVtH9iRBeLebW9B5378xJ8e7qwYC6DaOdBhmvsa0nkE?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
dbded87a9d772e6958242cbf80ec6931d8030cdf77ac923a3bf5e658162b25c0

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
553
expires
0
zfPIOBH4fwrbAgwNzUzQd0zRh1g7VRCc3HF8Qn-DhvqrtJ8DohAgg6dDodGIOUqv3o03g-OlP4C0Y00lompQGY-2Tp1nHd_FE6PkjDUmOxfoeOQxm8JVAiBsP6kwfIgHrmAXrhjGo4JoJYEPC6ytTAZE1eX8P1q_YPQMxxRpsG13UzxNkdcVP6GwJCHELCMhupS1C...
aj1431.online/ 		789 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://aj1431.online/zfPIOBH4fwrbAgwNzUzQd0zRh1g7VRCc3HF8Qn-DhvqrtJ8DohAgg6dDodGIOUqv3o03g-OlP4C0Y00lompQGY-2Tp1nHd_FE6PkjDUmOxfoeOQxm8JVAiBsP6kwfIgHrmAXrhjGo4JoJYEPC6ytTAZE1eX8P1q_YPQMxxRpsG13UzxNkdcVP6GwJCHELCMhupS1CoY-Fu2ihpYxGmWfUoDBGqkiXHLY2MfqK_asZmd4sainBsnFztFOZFjtrnXVDRpz_ls3Gvr18qRYbR1sXB3f_zuzJVWTe0efBIqtZVGCuzOJBoHGVFNZaBLf0h__9krqDY7th2aejecoYdJ8XHx0sr1von-mF4JrPXqerembDhN4PCaU8RDGRcOb0aBY---HBYqCn9LMm4AaVZBzjTwwyh_Nh-71c9qeDHQNMV_akbMCAXL90HzfgxbPPEA?
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
9b7f5d8ff8dba1e4dc8b0a2080c491c4e9f503a9d4f89d416a0ce1f037485e3f

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
p3p
CP="CAO PSA OUR"
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
789
expires
0
1520317101345890
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1520317101345890?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d96ada6fa35f3ddd720360a91619e18562a6f102fc287570e76691207beda03e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114920
x-xss-protection
0
pragma
public
x-fb-debug
TeRsF+z80SxwaUW6AHYquaHBU4UTH1SRkjmN6hBwWZ9dqd/VUQ4Dgv3mUGdOok0bAqkTb+DlNkMOtlkFQAyoZw==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 02:17:35 GMT, Mon, 17 Feb 2020 02:17:35 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=672076466251367&ev=PageView&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1581905855075&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581905855075.2143069170&it=1581905854838&coo=false&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT, Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 02:17:35 GMT
z-u8bM-IhLuHm6jtsH60MQwV2MKTzl9Nf64lBvGnTL0QfzACW_zhmwrr6-XLC8YKmfbviPw0mmAfcXNEZ9QVr-HDmRIRSzKSCE9-_pBJ_daHlJv1qeChEqWHfD5JTWoGGySa0PGVrmg4XBCWrRTSZL2sQHotuRp3nnL8-hDkJ4TBMoRzkR5WvB87aH59LnP9Hxsx9...
aj1431.online/ Frame C64A 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/z-u8bM-IhLuHm6jtsH60MQwV2MKTzl9Nf64lBvGnTL0QfzACW_zhmwrr6-XLC8YKmfbviPw0mmAfcXNEZ9QVr-HDmRIRSzKSCE9-_pBJ_daHlJv1qeChEqWHfD5JTWoGGySa0PGVrmg4XBCWrRTSZL2sQHotuRp3nnL8-hDkJ4TBMoRzkR5WvB87aH59LnP9Hxsx9So1TEafsIOiWmpdJwJNpe-3T4MC-cwi8XeCLi2AHsM5kzM5gHy9JXhvgx3aSpDeeEjd2N5racFMBTmNo4onOKtr8vN8S_zzNLZQXU3YEU3_RhpoTrZnaS987Zf2HK73-ATis2qcUd96Xof9vNNsRxnNPQA76Khe37isY?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
160_600.png
cdn77.aj1431.online/files1431/135/640/1723/ Frame C64A 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn77.aj1431.online/files1431/135/640/1723/160_600.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
185.59.220.21 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-20.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b24e59357b9af003aab52aad0fc8e0ad5c263bf2e9b5dd640426e093adc39009

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Tue, 14 Jan 2020 07:24:05 GMT
Server
CDN77-Turbo
X-Edge-Location
frankfurtDE
X-Cache
HIT
Content-Type
image/png
access-control-allow-origin
*
X-Edge-IP
185.59.220.20
Connection
keep-alive
Accept-Ranges
bytes
X-Age
785121
Content-Length
137894
messaging.js
projectagoralibs.com/libs/ 		332 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://projectagoralibs.com/libs/messaging.js
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/projectagora.min.js
Protocol
HTTP/1.1
Server
2606:4700:3030::6818:6d7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f414c6c2a7af37d10afc4d4a65377216199319ad3dcf9a3378cc1cc38e0f47df

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
1820
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-request-id
A6F9266496B15D2E
x-amz-id-2
iEFThljEkFWKBhUS7ldAi7JqRbtkDSTy7hSO1k6esJV8s8L2CxJ4i+ukz4eWfaRz70bw9tNRN0M=
Last-Modified
Mon, 16 Dec 2019 15:29:19 GMT
Server
cloudflare
ETag
W/"df33fd26925892b2d9e364aa2fed2745"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
5664440abdebd6fd-FRA
x-amz-meta-s3b-last-modified
20191216T144749Z
wigo-no-slot
sync.teads.tv/ Frame 4AF3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.5 /
Resource Hash

Request headers

:method
GET
:authority
sync.teads.tv
:scheme
https
:path
/wigo-no-slot
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tt_viewer=fbd7cc21-be39-4571-986f-c0ca93b43d98
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://www.gazetaexpress.com/

Response headers

status
200
content-type
text/html; charset=UTF-8
server
akka-http/10.1.5
content-length
325
expires
Mon, 17 Feb 2020 02:17:35 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
p2
b.scorecardresearch.com/
Redirect Chain
  • http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1581905855220&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_...
  • http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1581905855220&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st...
43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1581905855220&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=69376183&cs_ucfr=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1581905855220&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=69376183&cs_ucfr=1
Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&ts=1581905855217&pageId=76285&pid=82609&env=js-web&pfid=[pfid]&f=1&fv=227
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Mon, 17 Feb 2020 02:17:35 GMT
track
t.teads.tv/ 		23 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&ts=1581905855218&pageId=76285&pid=82609&env=js-web&pfid=[pfid]&f=1&slot=native&fv=227
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
23
expires
Mon, 17 Feb 2020 02:17:35 GMT
/
ads.projectagoraservices.com/ Frame E618 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=6750
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
09ed4ea86a32243448c09f2d6946bad013875754a715790ce82e4c40c7edeb27

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
z6ucVOl9cyKVRi5V8dQCMwyMSyaF20s0X3HRLdQ5HhyYgkoTR-JRHArGjimTPKtzAHXA1C03baWbpnHZGSqqa21YwnaxEH-KjrMVhym70lcuA4mao-jVEiCDX6Yc3DwAgPy7tn4kZup-BuPX1hK-MMyzhlVZia-TBBijJnOSTOou4qbp-jBY8PWDlEZ76hmVaTzLM...
aj1431.online/ Frame E618 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/z6ucVOl9cyKVRi5V8dQCMwyMSyaF20s0X3HRLdQ5HhyYgkoTR-JRHArGjimTPKtzAHXA1C03baWbpnHZGSqqa21YwnaxEH-KjrMVhym70lcuA4mao-jVEiCDX6Yc3DwAgPy7tn4kZup-BuPX1hK-MMyzhlVZia-TBBijJnOSTOou4qbp-jBY8PWDlEZ76hmVaTzLMsFfLNLirfBH_krxSkZWP5P_7yeX_iDhg1lEQ6y8JH6saGg-Mh5fMfSNhGz-DLv7_GOvA2U0sxRF3glqur-JMc7gHk6ovVncXMKP4xKgqU-cnlpF_gQa3xmOK97BXg9RGFQliq6vR0NDhGToFW2SgMFZSIsAug3XULad3?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 236C 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=4361
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
62a860bebb86a4e430e341bab8a9b4c7a432072410697df4885bf962fd633fee

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
z9ODqwINjJBEvYQfjhDa4QIeju0xkGfIckmT5xYE5mHxPtDOJEVrVezhXBFEpaU94AoSsKK6Meg9nlLMh5fPgClN7zyK3gRGjAc6lxq34Ms1gWvo6CwC-PjhypGM5PsBXpgjBxHt7gf17BqmN_1ZFTV5S89ErQEt--tSxJ67Hn08-LOX0MdlbpocZ0YoRCdP7FrDl...
aj1431.online/ Frame 236C 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/z9ODqwINjJBEvYQfjhDa4QIeju0xkGfIckmT5xYE5mHxPtDOJEVrVezhXBFEpaU94AoSsKK6Meg9nlLMh5fPgClN7zyK3gRGjAc6lxq34Ms1gWvo6CwC-PjhypGM5PsBXpgjBxHt7gf17BqmN_1ZFTV5S89ErQEt--tSxJ67Hn08-LOX0MdlbpocZ0YoRCdP7FrDlH9d9mDD3b8tuKTjs66mkwQY64K2uMgVABv3euHFMHty6beEQjsCYUFjpNyF9n-xjMHC9SmRf_HLnjnHxwvUEqYOrV6h0FxshP8AJDjPTzBPkULuZX0vG9krR3UqhKlntp5oKvrkhTSI-5E6eA7G6sD8QTX2u0oe1yK_1tA?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame ECA7 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=6751
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
b69e8f92ce38eb0c8ed7247e9cefdf5aef919b376bbdb2281e5b3ad040f52dfd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
zTUtTknS0MWUhSUFvXl4dvNwj8jLviCaa_rK5W8BaA6gY5C20L3nUDJKbZZRstk2HM662Wzg6NcgKvRh_3Dwg5LE-gffFcf3lDXBzhZOgTDYNzeynho9yKtjBOR3qxR0XiVQ74csfPahNgs5q2J-JbcYb9jm4qemByyrMOVzvG5heqN-gQKOTEgGfX_OgcrgRIGs_...
aj1431.online/ Frame ECA7 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zTUtTknS0MWUhSUFvXl4dvNwj8jLviCaa_rK5W8BaA6gY5C20L3nUDJKbZZRstk2HM662Wzg6NcgKvRh_3Dwg5LE-gffFcf3lDXBzhZOgTDYNzeynho9yKtjBOR3qxR0XiVQ74csfPahNgs5q2J-JbcYb9jm4qemByyrMOVzvG5heqN-gQKOTEgGfX_OgcrgRIGs_TFxMUiS-5kAgsbAsooeVp6Tlj-L217a3DyqNKsPKBy7qofkAbMFp-3-TzXGl01z4ePUekZCfn8EMfd5brnqotesu5lx3iaxIsmkspTj2VTXOwyZkfd6L--P8N4TXnVLO0WkHGujiqOsM349p0LyilQ1jgiUuE7WF75fo?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
zBRl1HLwl5-f3FvbXEOw51BoLvY1lWHLRhZO6nHK_ZskXCSw_AdWusw-LAuXVg_VpHf5ycS91YKXtbZ2qMn9l71a5A00agdWUUZ5GjMsiDp_tJ4FsQAoRKMRSr8eELBE-skb9Rb6B1aPeKJdEMIvGm9_OAMnECNZD2IH_ipO4ebmTfy1n4Q9IsN-O_aDky1u3belE...
aj1431.online/ 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zBRl1HLwl5-f3FvbXEOw51BoLvY1lWHLRhZO6nHK_ZskXCSw_AdWusw-LAuXVg_VpHf5ycS91YKXtbZ2qMn9l71a5A00agdWUUZ5GjMsiDp_tJ4FsQAoRKMRSr8eELBE-skb9Rb6B1aPeKJdEMIvGm9_OAMnECNZD2IH_ipO4ebmTfy1n4Q9IsN-O_aDky1u3belEoJDHBZsai6RUvMAEClSGXQpnpb9Wd_FzfMx-rjzDoiqqbp98vdBZKBnR8qOcgCWCxs34-CKJ7wQwSdIBsau2x1ERsuYyAyGwv2JQCLIopPfC5C7buDtNWQLGbOysrXZ8htlfe7sN0zXJUw?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:20 GMT
etag
W/"49-1580400320000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 0625 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=4361
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
62a860bebb86a4e430e341bab8a9b4c7a432072410697df4885bf962fd633fee

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
zpn1zBr0bxPAYR6O8rkl55Y1p5S8Mxq55GZ3N1n0RQ3E2w90L3bTJpCgT1cMiUX5b63-WFfAtZJOcOvPpWTnaNYLBETm3nbiMBqwk8g_nbHAIVWh8ZuCnGBkf4D_wZTX5hEsgIDJmYLPA136d-qdpK-xJughOEfQXtUb62eyIRnnmmL4fYS_1UdFMHwVXZdEuu6BY...
aj1431.online/ Frame 0625 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zpn1zBr0bxPAYR6O8rkl55Y1p5S8Mxq55GZ3N1n0RQ3E2w90L3bTJpCgT1cMiUX5b63-WFfAtZJOcOvPpWTnaNYLBETm3nbiMBqwk8g_nbHAIVWh8ZuCnGBkf4D_wZTX5hEsgIDJmYLPA136d-qdpK-xJughOEfQXtUb62eyIRnnmmL4fYS_1UdFMHwVXZdEuu6BYX93z1_RPFBakXzlbsmsSk-N9HDyBF6kawiJcg3yqSZcFmJ9L0JICR_6r8pFHSUuv_i2XtxipYIbOP7M-gwbx2Knqbbjhlxwy_RWJ_RJ_ukXvMnCDjKABxglbvQjYtV-GA0sphMl6vbWhK-2X98p3g49obq_WhHGZwHaw3Q?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 22BA 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=5043
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
aee4af7c7d2302527db09818e468c91eaebb16ea870b1937a3657620870ec2d0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
zrti9-Cgd4dU60rPsxB-5JVhos1qOimo3CbAJx-_EzBt_dne8pCZXDc2HrKTOgHjTNrmru7MCEbNyL5s7YSxE0UcH4wK-yRhmUdInG1VGEoU79p0mtmd0TcZ7iA4HOINh_y6Dgt0q6fgvIhhmmls3KjDfI9AN5IWr-uFgRMaEmUgrubeky6k7Zgt7mQWhxlJPd79u...
aj1431.online/ Frame 22BA 		43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zrti9-Cgd4dU60rPsxB-5JVhos1qOimo3CbAJx-_EzBt_dne8pCZXDc2HrKTOgHjTNrmru7MCEbNyL5s7YSxE0UcH4wK-yRhmUdInG1VGEoU79p0mtmd0TcZ7iA4HOINh_y6Dgt0q6fgvIhhmmls3KjDfI9AN5IWr-uFgRMaEmUgrubeky6k7Zgt7mQWhxlJPd79uYfWZys-zWn8kz_nWeE0myD4eG96Ximzrjzg8cEfmbm77QlwwEgLbDDewH0kTyxtbl_kE1g5TkbC_UG_DQcCrMByuZVrfhUUjRwLE1TLlppbQPUcdvQnrkgytuJqeO8oMQ7b93ZE35PgOa1UlihZMOCJ5jgM3JTzclQyl?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1520317101345890&ev=PageView&dl=http%3A%2F%2Fwww.gazetaexpress.com%2F&rl=&if=false&ts=1581905855283&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1581905855075.2143069170&it=1581905854838&coo=false&rqm=GET
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT, Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 02:17:35 GMT
zQA_OAifniDOT6x8GkV3QyGT2Ro0KfQOTi5cHmEFqtOKrTlTXICOwhCUEl-8Q7bmwWWm75PmAemZI1S9zRhVLB_Wi7AmZxrh7aTTYBGm7KFUnGEcrMqApBjJRE2bWmcXAbWMbedfoNO-GfojraL9k2iuwj4nHqAktkeHklJOZvhf-1DT5oU6PX6PiRRVWe7IQbu6R...
aj1431.online/ Frame 5C76 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zQA_OAifniDOT6x8GkV3QyGT2Ro0KfQOTi5cHmEFqtOKrTlTXICOwhCUEl-8Q7bmwWWm75PmAemZI1S9zRhVLB_Wi7AmZxrh7aTTYBGm7KFUnGEcrMqApBjJRE2bWmcXAbWMbedfoNO-GfojraL9k2iuwj4nHqAktkeHklJOZvhf-1DT5oU6PX6PiRRVWe7IQbu6RrVggjpFz2X3dLKwZ8LY-nS9pl4IJioIDmVZeui2d_loAu8ScN6od3S11f741aWKqbOMAwFd7z1xZVxSTt6RvKJfSY0Tx74N-_ZpsR0HS-S5A0R9TVvmzou-yIiPGic4XJ-j0I5xs6g0x5g?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:20 GMT
etag
W/"49-1580400320000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
get_site_data
message909.gazetaexpress.com/ 		19 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://message909.gazetaexpress.com/get_site_data?account_id=909&href=http%3A%2F%2Fwww.gazetaexpress.com%2F&requestUUID=43c64518-2302-41c4-8444-9bbaea0f4fac-1581905855327
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
HTTP/1.1
Server
52.59.100.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-100-228.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
a980ae1b3e8754977e50b84ebc09eb799da90354f48d055caf339f28fe443c36

Request headers

Origin
http://www.gazetaexpress.com
Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
X-Sp-Mms-Node
mms-anz.node.fra.consul
Server
Jetty(9.4.2.v20170220)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET
Content-Type
text/plain
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Connection
keep-alive
;ord=1581905855332
ad.doubleclick.net/ddm/ad/zqbehjyzkw/hwzierlp/vztmflvx/onszdx/cc/ 		43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.doubleclick.net/ddm/ad/zqbehjyzkw/hwzierlp/vztmflvx/onszdx/cc/;ord=1581905855332?
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
216.58.210.6 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f6.1e100.net
Software
cafe /
Resource Hash
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
X-Content-Type-Options
nosniff
Content-Type
image/gif
Server
cafe
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
no-cache, must-revalidate
Timing-Allow-Origin
*
Content-Length
43
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
zS5AJMggdn9W83dVTkLUFtCY1qqz6UvSidwBXdBYB8aYBUxsGul-PhZSLYwC2MwzsYTpJ8wgMwLi8vhNdMcc7v2wwnDKcewSGFh2E21oeldXK8S34A6-_iKiOtSuohdRb-8gVFjvqlnb-sznsz7RkvfNSxk8qEKyLybOk3VVfjfnsip94k2t0nkUnRPPOypKYITDM...
aj1431.online/ Frame BD2A 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zS5AJMggdn9W83dVTkLUFtCY1qqz6UvSidwBXdBYB8aYBUxsGul-PhZSLYwC2MwzsYTpJ8wgMwLi8vhNdMcc7v2wwnDKcewSGFh2E21oeldXK8S34A6-_iKiOtSuohdRb-8gVFjvqlnb-sznsz7RkvfNSxk8qEKyLybOk3VVfjfnsip94k2t0nkUnRPPOypKYITDMXMiHWmGqZK_DOAWOiusVLlw-pUcE-wrxsCxg8ae4aj1mXbiXW1aeGgHP6277mpHwvRWyhnICg_yEWsG94HeYFwzv6Fnlb9r_D3FiOwQXzzMoTpaWDEndeLeo0zmSNJGYaIo1I_OTdbeJnA?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Thu, 30 Jan 2020 16:05:20 GMT
etag
W/"49-1580400320000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame 39D7 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=5043
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
aee4af7c7d2302527db09818e468c91eaebb16ea870b1937a3657620870ec2d0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
zO3vwUa-o2HDK3zfvQtk8tv8fn6qRfb6oUku8ZaYNIsA4Fr45VToW1PlXE6_nUpnFRCsNlma_Ccid0TAI79G1pr6Rxw3_uFWI19Svo5w7ZVoGVGV3GS7wZ3JDhCJavwmfzntYmTq8_08aYdfYqNPvVpVTInMACqH6setoulJtP5OyAX0-xkiVGWQfQE0jZM_Svi60...
aj1431.online/ Frame 39D7 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zO3vwUa-o2HDK3zfvQtk8tv8fn6qRfb6oUku8ZaYNIsA4Fr45VToW1PlXE6_nUpnFRCsNlma_Ccid0TAI79G1pr6Rxw3_uFWI19Svo5w7ZVoGVGV3GS7wZ3JDhCJavwmfzntYmTq8_08aYdfYqNPvVpVTInMACqH6setoulJtP5OyAX0-xkiVGWQfQE0jZM_Svi60VzcdmohGVET815Igw6fOIP7f5EEFlPOGfKFL0phMP-Z_JYFB3PgiARsTyo6jvH8FaqA7MYUhkEqrHEeEk-VUhOELW7OwcAd_cpZbNE3SgvkxrgKeI8CjWa8awUlyzPcuR2juWVNuDT2Lcm0S6ZBWd41nMj3owQKAG0GP?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
ads.projectagoraservices.com/ Frame BC46 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=4360
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
85656b0838d7e74f61060d85a8a804a676e9a8604a34cdc7eb116b13761df63d

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
z-TJ4P6EduPj3OO3rTOb6xTkMA_FCfIJrFCrGwqjK5X_29iF7XcLjQ7D5fmHQ3KA9FJYKC0la-tMhOb8Vpdzhnpyk18nhPe_ZW7ifggXWMmbQ5j6eMgpyyqPKdJnMeTK7IH6e02m2O7vmOtpuOyqmhy5TAXmoWZOMSN0PmcmypH22WBhG3PGtBmSM1HmdotjRJ9vs...
aj1431.online/ Frame BC46 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/z-TJ4P6EduPj3OO3rTOb6xTkMA_FCfIJrFCrGwqjK5X_29iF7XcLjQ7D5fmHQ3KA9FJYKC0la-tMhOb8Vpdzhnpyk18nhPe_ZW7ifggXWMmbQ5j6eMgpyyqPKdJnMeTK7IH6e02m2O7vmOtpuOyqmhy5TAXmoWZOMSN0PmcmypH22WBhG3PGtBmSM1HmdotjRJ9vsgabj83HXremD_eRaynO8cWqjXMmxUqfvpUzGydBPtZSK1aVx4HKqOOeng0ff2ENfSnEQ8NcRZSa7536MK6VdmtFSOthBkGi9vhHihpc8m1J-E1QyOaL-tUPp5IHTTbkqAFOn9grhJbQQv6iqF8ofWzMTxgv3MmQPvoER?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
zpKz0o3HvGbam8I-CWV-9BtKtzeFu0arMJsYds2vt_E02t60MJggP_pbnSXYwT6vhzUB4Ryby3k2d_f4KMcMHHOg-OJidNTEcAAtsSCpIYOUwqoS1cWr6z67ZKVruRW3cVCkKoLybo1b2qp0HKqI9H4nj-IkA117T4KLq319N0aP8tnQl9YiqrKOj68TfdNvM0nir...
aj1431.online/ Frame 4E0D 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zpKz0o3HvGbam8I-CWV-9BtKtzeFu0arMJsYds2vt_E02t60MJggP_pbnSXYwT6vhzUB4Ryby3k2d_f4KMcMHHOg-OJidNTEcAAtsSCpIYOUwqoS1cWr6z67ZKVruRW3cVCkKoLybo1b2qp0HKqI9H4nj-IkA117T4KLq319N0aP8tnQl9YiqrKOj68TfdNvM0nirN4recYEQmo567DDVUh1BW9rHhP67hvIaDSoCBB1pBG2e2HC-JkhRIe45aLB7-yQrcHGB97gxYHvhkgR1ydukkFTkKGrJqI8rI2ugYVyamu2T8N4iIuI3i70fdJmjK6BLngo5WFYEaaNq?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:20 GMT
etag
W/"49-1580400320000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
zgJkWr5tpyKfxal2gB3RrwAcsr2WgsrWVMAWy-IzvqzBwg1lri1X_RudPOGvFCnXyulaoG8BHZxKuCoZFHBa1sjwVp5qgkDUBP5RcgPfurfYV9jjO2egsxFooVhmwqnrnf3RAc3b00d6lyIwz-51-YyIsyHNfj5nk5KMuZR00WLfFqczVLqfKYdK19VIb4NamG9aG...
aj1431.online/ Frame 1288 		49 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/zgJkWr5tpyKfxal2gB3RrwAcsr2WgsrWVMAWy-IzvqzBwg1lri1X_RudPOGvFCnXyulaoG8BHZxKuCoZFHBa1sjwVp5qgkDUBP5RcgPfurfYV9jjO2egsxFooVhmwqnrnf3RAc3b00d6lyIwz-51-YyIsyHNfj5nk5KMuZR00WLfFqczVLqfKYdK19VIb4NamG9aGWcXekkW9zLxcbeqIxNDAZxH6m_v2WB_7Sx16MaWjm0awjzTry29f1QcLxZ4a-Wa2AKxbE7_ysJxPbnNyhxiyMvKEdNxfLgUjgV8rU9WOLwpChs3QMj0vSEgxyoDyg5x2wquDUsF_GzV1iQ?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:35 GMT
last-modified
Thu, 30 Jan 2020 16:05:20 GMT
etag
W/"49-1580400320000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
bcn
www.summerhamster.com/ 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.summerhamster.com/bcn?fe=1581905855394&y=2.0.1196&elg=590719293&flg=909&x=zzz.jdchwdhasuhvv.frp%2F&vqwo=1&deo=0&hu=0&g2=0%3A%3A0%3A%3A0%3A%3A0%3A%3A0&requestUUID=43c64518-2302-41c4-8444-9bbaea0f4fac-1581905855327
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
52.28.51.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-51-75.eu-central-1.compute.amazonaws.com
Software
Jetty(9.2.10.v20150310) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
Jetty(9.2.10.v20150310)
Connection
keep-alive
Content-Length
43
Access-Control-Allow-Methods
*
Content-Type
image/gif
/
ads.projectagoraservices.com/ Frame 95B1 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ads.projectagoraservices.com/?id=5043
Requested by
Host: aj1431.online
URL: http://aj1431.online/041528fb.js
Protocol
HTTP/1.1
Server
34.96.108.236 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.108.96.34.bc.googleusercontent.com
Software
/
Resource Hash
aee4af7c7d2302527db09818e468c91eaebb16ea870b1937a3657620870ec2d0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:35 GMT
Via
1.1 google
Cache-Control
private, no-cache, no-store, must-revalidate
Content-Type
application/javascript
Transfer-Encoding
chunked
Expires
-1
znO_jAT7sngaKHbF3ERyau3sdfMdEVHp560Kx8MA5ncOj0Ul_9r7FjSw_2r-Bh3pVK1X1BBvrTN4SQSf6hTbmYL4ixhvjSS2u2fzlUpqgx9L89jj2YbdMAde0J-20ssJEGQS1hExHKKbe-csCOYulKr6vlLmIf202gSONA8IyEIKzQb1dcz1hm488MvEdnTqiPGE_...
aj1431.online/ Frame 95B1 		43 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://aj1431.online/znO_jAT7sngaKHbF3ERyau3sdfMdEVHp560Kx8MA5ncOj0Ul_9r7FjSw_2r-Bh3pVK1X1BBvrTN4SQSf6hTbmYL4ixhvjSS2u2fzlUpqgx9L89jj2YbdMAde0J-20ssJEGQS1hExHKKbe-csCOYulKr6vlLmIf202gSONA8IyEIKzQb1dcz1hm488MvEdnTqiPGE_Fh-CkOGbI7fcrQIno3tNwl7dyI0wREwrLwLy3hb37s0BX6NtpttoUatTqvbhEwg7TeBEPS7yascIrHv3obtLXu7aepw1xzZV8nD3dAkBWWC0oRuX5JKYv8BGlIvEqXTpExZ_kT735chxovQN6VsK-kDumUmSEegHjyNO?DC=DO
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
212.124.124.165 Reston, United States, ASN47328 (TRI-AS True Records Inc., ES),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:34 GMT
last-modified
Thu, 30 Jan 2020 16:05:18 GMT
etag
W/"43-1580400318000"
p3p
CP="CAO PSA OUR"
cache-control
no-cache
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid.js
projectagora.net/libs/ Frame ECA7
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440cef32c272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440ca858bf14-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
prebid.js
projectagora.net/libs/ Frame E618
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440cef34c272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440cabef27a2-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
prebid.js
projectagora.net/libs/ Frame 0625
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440d0f5ec272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440cfbfd27a2-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
prebid.js
projectagora.net/libs/ Frame 22BA
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440d1f69c272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440cf874bf14-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
prebid.js
projectagora.net/libs/ Frame 236C
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440d1f6bc272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440d0bff27a2-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
prebid.js
projectagora.net/libs/ Frame 39D7
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440d4fa6c272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440d1c0227a2-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
prebid.js
projectagora.net/libs/ Frame BC46
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440d5fb4c272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440d388bbf14-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
prebid.js
projectagora.net/libs/ Frame 95B1
Redirect Chain
  • http://projectagora.net/libs/prebid.js
  • https://projectagora.net/libs/prebid.js
264 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebid.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Feb 2020 08:28:43 GMT
server
cloudflare
age
1839
etag
W/"5606d4b2c9e2d731940e00d0045cdb3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5664440d5fb5c272-FRA
x-amz-request-id
CBA7DA77B31677CC
x-amz-id-2
kBYlsYq3FoFvA2tRsCB2C2azFTJwRVMH59Us44LiLEJh4wyfTWjWsVmc5m52l2xiegmXF+4aTnY=

Redirect headers

Date
Mon, 17 Feb 2020 02:17:35 GMT
Server
cloudflare
Vary
Accept-Encoding
Location
https://projectagora.net/libs/prebid.js
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5664440d3c0827a2-FRA
Expires
Mon, 17 Feb 2020 03:17:35 GMT
/
www.facebook.com/tr/ 		0
52 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryRWIZDNTeoj1F37Np

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
http://www.gazetaexpress.com
date
Mon, 17 Feb 2020 02:17:35 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
gdpr-status
sourcepoint.mgr.consensu.org/consent/v2/ 		42 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/gdpr-status?siteId=4923
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:35 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
42
get_loaders
message909.gazetaexpress.com/mms/ 		571 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://message909.gazetaexpress.com/mms/get_loaders?href=http%3A%2F%2Fwww.gazetaexpress.com%2F&account_id=909&requestUUID=43c64518-2302-41c4-8444-9bbaea0f4fac-1581905855327
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.100.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-100-228.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
f837969465caa758ffac43a98621d29f06efd58ab96129bd16562ef341bf86d0

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:36 GMT
x-sp-mms-node
mms-anz.node.fra.consul
server
Jetty(9.4.2.v20170220)
status
200
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
max-age=10800
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
30 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryD1uTCESCVeWbbftD

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
http://www.gazetaexpress.com
date
Mon, 17 Feb 2020 02:17:35 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 236C 		241 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=426452be-bcb6-47ff-aa5c-58410fae0bdb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.17949362227186505
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
0dad323d6bd3beb582a7e1d94b09897505c344afeb150d9cada21f1369e1b75a

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=498
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
placementbid.json
an.facebook.com/v2/ Frame 236C 		105 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.facebook.com/v2/placementbid.json?placementids[]=374302723496812_374302983496786&adformats[]=300x250&testmode=false&pageurl=http%3A%2F%2Fwww.gazetaexpress.com%2F&sdk[]=6.0.web&adapterver=1.3.0&platform=241394079772386&platver=2.44.0&cb=8e04704e-667d-4643-8a69-cc66ff219abf
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ef50cddb888afae7c438fcb4003034536d79209d9e1e41bf3d73d215195ec56
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-fb-an-errors
No bids
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-fb-an-request-id
8189428797532992445
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
vlO+sfwERDU5ZysXgw7h4OIsa/wct7yhcROyYGgHgeGnIZhQw4n6KxuhVDEuLo2gGFtHNgSHzjwfamUoxzqdiQ==
x-frame-options
DENY
date
Mon, 17 Feb 2020 02:17:35 GMT, Mon, 17 Feb 2020 02:17:35 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
access-control-expose-headers
X-FB-AN-Request-ID, X-FB-AN-Errors, X-FB-AN-Bid-Count
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
expires
Sat, 01 Jan 2000 00:00:00 GMT
cdb
bidder.criteo.com/ Frame 236C 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=49285025169
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 236C 		0
0
/
adx.adform.net/adx/ Frame 236C 		0
0
translator
hbopenbid.pubmatic.com/ Frame 236C 		0
0
arj
projectagora-d.openx.net/w/1.0/ Frame 236C 		0
0
v1
prg.smartadserver.com/prebid/ Frame 236C 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
X-SMRT-D
4%3b21%3b45
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
cdb
bidder.criteo.com/ Frame 95B1 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=74072394325
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 95B1 		0
0
translator
hbopenbid.pubmatic.com/ Frame 95B1 		0
0
arj
projectagora-d.openx.net/w/1.0/ Frame 95B1 		0
0
/
adx.adform.net/adx/ Frame 95B1 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 95B1 		241 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=57&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=89618fa8-96de-4267-b800-401bfafd6e71&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.643083372579806
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
9a918a0ca431da8346cf760db4c2684fe74f41420c20f71b0187064448608ae1

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=493
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
adx.adform.net/adx/ Frame 22BA 		0
0
cdb
bidder.criteo.com/ Frame 22BA 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=96263149065
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 22BA 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 22BA 		241 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=57&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=4197663d-8b78-4ebf-a26a-3ad5c45cbee0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.0383833219972578
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f3cc88fa6015b745969d6d353a10c0901d276d679002624eb8aa7c0dd6386b54

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=499
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame 22BA 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 22BA 		0
0
translator
hbopenbid.pubmatic.com/ Frame ECA7 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame ECA7 		0
0
cdb
bidder.criteo.com/ Frame ECA7 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=5611243527
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame ECA7 		240 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1544214&size_id=9&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=6f30ee64-885a-4615-88dc-0b4a995f8118&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.326839931642372
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ed338f2c1bbdb3da8445d027534fe4679e0721f906fcdb97f9d9e91f83511f97

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=478
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ Frame ECA7 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
X-SMRT-D
4%3b20%3b97
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
placementbid.json
an.facebook.com/v2/ Frame 0625 		105 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.facebook.com/v2/placementbid.json?placementids[]=374302723496812_374302983496786&adformats[]=300x250&testmode=false&pageurl=http%3A%2F%2Fwww.gazetaexpress.com%2F&sdk[]=6.0.web&adapterver=1.3.0&platform=241394079772386&platver=2.44.0&cb=2d2b9c2c-6262-479e-8e6f-9d2ab6a807a0
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7218114d0d81063f6a3df319cbea6b5d633f243459767b7e505e0aa563f1082c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-fb-an-errors
No bids
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-fb-an-request-id
5806954178027808392
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
1lFIzIX6IZx67PiR3gRzpLXdp7evcPZiSl4cmQT7aM9qQa1F/yPhK1ooqpgC1qTBRMicuHlIFkYImrqolSOs3A==
x-frame-options
DENY
date
Mon, 17 Feb 2020 02:17:35 GMT, Mon, 17 Feb 2020 02:17:35 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
access-control-expose-headers
X-FB-AN-Request-ID, X-FB-AN-Errors, X-FB-AN-Bid-Count
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
expires
Sat, 01 Jan 2000 00:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 0625 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:37 GMT
X-SMRT-D
4%3b14%3b60
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
arj
projectagora-d.openx.net/w/1.0/ Frame 0625 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 0625 		241 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378976&size_id=15&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=0ef16be1-7e28-4959-9246-b6664dc3b1c8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3195829285072702
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
d35a468a7c3c456fe0cd824f7399a7fa8ce301934a8901b750862901437916bf

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=472
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 0625 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=65461217269
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame 0625 		0
0
/
adx.adform.net/adx/ Frame 0625 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 0625 		0
0
/
adx.adform.net/adx/ Frame BC46 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BC46 		241 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1378978&size_id=10&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=00fe115a-e557-446d-91c7-cecb12b7343a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4991839052742806
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
189cb6ba045b563fdb69e7771e9a037bcfb7593cf60896fe77601e731f82040d

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=500
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame BC46 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=22857740572
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
translator
hbopenbid.pubmatic.com/ Frame BC46 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame BC46 		0
0
v1
prg.smartadserver.com/prebid/ Frame BC46 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
X-SMRT-D
4%3b3%3b66
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
placementbid.json
an.facebook.com/v2/ Frame BC46 		104 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.facebook.com/v2/placementbid.json?placementids[]=374302723496812_404099237183827&adformats[]=300x250&testmode=false&pageurl=http%3A%2F%2Fwww.gazetaexpress.com%2F&sdk[]=6.0.web&adapterver=1.3.0&platform=241394079772386&platver=2.44.0&cb=af9a51a5-a73c-4b3d-a852-c85f35cf3d44
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0c4724644b4d79860e426dd2360a9ea2fe208f9a66d8c0bd8d21f902dddb76e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
x-fb-an-errors
No bids
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-fb-an-request-id
662943370010340975
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
TztBRrG5QnjCwyIPUOzYl4QeiPGNxHEqZT5DhW7yLOKyRaWW2DXAlWCNEKDe0uz1J3DLp1Goi1KXuUgHD7TCJg==
x-frame-options
DENY
date
Mon, 17 Feb 2020 02:17:35 GMT, Mon, 17 Feb 2020 02:17:35 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
access-control-expose-headers
X-FB-AN-Request-ID, X-FB-AN-Errors, X-FB-AN-Bid-Count
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
expires
Sat, 01 Jan 2000 00:00:00 GMT
arj
projectagora-d.openx.net/w/1.0/ Frame BC46 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 39D7 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 39D7 		241 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1421726&size_id=57&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=866986d0-3555-4802-a789-1ed98e4720ad&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.22036271772012683
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
109aad1c1044563a7fa1a28de7943f7ec67fad5bfab9d3b536da7e959d2917c7

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=460
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame 39D7 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=80299939400
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
/
adx.adform.net/adx/ Frame 39D7 		0
0
translator
hbopenbid.pubmatic.com/ Frame 39D7 		0
0
arj
projectagora-d.openx.net/w/1.0/ Frame 39D7 		0
0
v1
prg.smartadserver.com/prebid/ Frame E618 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
X-SMRT-D
4%3b15%3b62
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E618 		240 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11498&site_id=111324&zone_id=1544212&size_id=2&gdpr=1&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&rf=http%3A%2F%2Fwww.gazetaexpress.com%2F&tk_flint=pbjs_lite_v2.44.0&x_source.tid=98f81cdc-5dd4-4c20-80f0-85c441536a29&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9496835151964098
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
230b89ed05e6b82bf7c59b480e051e5b5103db4cabd545f714cd66156ce628b9

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:36 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
http://www.gazetaexpress.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=5, max=491
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame E618 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame E618 		0
0
cdb
bidder.criteo.com/ Frame E618 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.0&cb=23017242611
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Mon, 17 Feb 2020 02:17:35 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://www.gazetaexpress.com
timing-allow-origin
*
vary
Origin
logic
sourcepoint.mgr.consensu.org/consent/v2/4923/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sourcepoint.mgr.consensu.org/consent/v2/4923/logic?withSiteActions=true&consentUUID=[CONSENT_UUID]&euconsent=[EUCONSENT]&mmsDomain=message909.gazetaexpress.com&hasConsentData&consentedToAny&rejectedAny&consentedToAll&shortCircuitDetection&requestUUID=43c64518-2302-41c4-8444-9bbaea0f4fac-1581905855327
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.112.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-112-30.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f42ff5e1f549389a41c44bb2f4da986f5fa14bb17bb12325f42a5797567dab96

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:36 GMT
status
200
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
1273
adeaVsuW1loU2ddaFlTXmczajEleFVXV2NpYmhTXVgxLSQteFVWZDFaVWBnWXhmWVpZZmZZZjF4Z1lnZ11jYlNmWVpZZmZZZjF4Z1lnZ11jYlNhWWdnVVtZU1djaWJoMSR4XmoxJiIkIiUlLSp4V1hXMWtdYlhjayJTZ2RTImFnWyJTXWJoWWZiVWAiV1hXJXhcZl...
message909.gazetaexpress.com/ 		24 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://message909.gazetaexpress.com/adeaVsuW1loU2ddaFlTXmczajEleFVXV2NpYmhTXVgxLSQteFVWZDFaVWBnWXhmWVpZZmZZZjF4Z1lnZ11jYlNmWVpZZmZZZjF4Z1lnZ11jYlNhWWdnVVtZU1djaWJoMSR4XmoxJiIkIiUlLSp4V1hXMWtdYlhjayJTZ2RTImFnWyJTXWJoWWZiVWAiV1hXJXhcZllaMVxoaGR3JzV3Jjp3Jjpra2siW1VuWWhVWWxkZllnZyJXY2F3Jjp4V2NiZ1liaElJPTgxV1paKiglWlkhViUtJCEoKykqIVYsVyshJlZaViVWV1kmKChaeGZZZWlZZ2hJST04MSgnVyooKSUsISYnJCYhKCVXKCEsKCgoIS1WVlVZVSRaKFpVVyElKSwlLSQpLCkpJyYreFdjY19dWTF3KTZ3JiZTZ2RTWWJVVmBZU1haZFNkWWZnY2JVYF1uWVhTVVhndyc4WlVgZ1l3JzZ3JiZ3KTh4YGNVWFlYOFVoVTF3KTZ3KzZ3JiZdWHcmJncnNXcmJjdDQkc5Qkh3JzVZYlhkY11iaHcnNVxoaGRndyc1dyY6dyY6Z2NpZldZZGNdYmgiYVtmIldjYmdZYmdpImNmW3cnNSgtJid3JiZ3Jjd3JiZmWWdpYGh3JiZ3JzV3JiZ3KzZ3KTd3JiZcVWc3Y2JnWWJoOFVoVXcpN3cmJncnNVpVYGdZdyY3dyk3dyYmV2NiZ1liaFlYSGM1Ym13KTd3JiZ3JzViaWBgdyY3dyk3dyYmZlleWVdoWVg1Ym13KTd3JiZ3JzViaWBgdyY3dyk3dyYmV2NiZ1liaFlYSGM1YGB3KTd3JiZ3JzViaWBgdyY3dyk3dyYmZ1xjZmg3XWZXaV1oOFloWVdoXWNidyk3dyYmdyc1WlVgZ1l3Jjd3KTd3JiZXY2JnWWJoSUk9OHcpN3cmJncnNXcpN3cmJldaWiooJVpZIVYlLSQhKCspKiFWLFcrISZWWlYlVldZJigoWncpN3cmJncrOHcmJncrOHcpOA==
Requested by
Host: projectagoralibs.com
URL: http://projectagoralibs.com/libs/messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.100.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-100-228.eu-central-1.compute.amazonaws.com
Software
Jetty(9.4.2.v20170220) /
Resource Hash
668cea380468aed5a3498a9165bad53e267091bb26376b1f6d28b410f272cbf2

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:36 GMT
x-sp-mms-node
mms-ary.node.fra.consul
server
Jetty(9.4.2.v20170220)
access-control-allow-methods
GET
content-type
application/javascript
status
200
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-sp-mms-env
1
expires
Sat, 15 Nov 2008 16:00:00 GMT
logo4.png
www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/images/logo4.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
public
date
Mon, 17 Feb 2020 02:17:36 GMT
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2019 22:29:05 GMT
server
cloudflare
age
231271
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=31536000
cf-ray
566444119fcee5fc-LHR
expires
Mon, 24 Feb 2020 10:03:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fd3cb349de57c2cd424e99fd38ad73d169aef68c0bab46ef507ec5fff5c9e54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 17 Feb 2020 02:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5182
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1580338855439378"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=3000
Accept-Ranges
bytes
Content-Length
8104
X-XSS-Protection
0
Expires
Mon, 17 Feb 2020 02:17:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame D8AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/206/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://www.gazetaexpress.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://www.gazetaexpress.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4624
date
Mon, 17 Feb 2020 01:51:58 GMT
expires
Tue, 16 Feb 2021 01:51:58 GMT
last-modified
Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1538
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=4385251399603885&bg=!OzilOCBYrcFLMuh62DcCAAAAM1IAAAAJmQFg9FoTfekT3HSuhzsSs5wVTfQkQeq3m5gCBxOqa72nqvRUEzI-0iwleGpnKuLXkLI0p2-Y940cbvtL8FgMR_4lqMnmdeJR9hLiOzKA41L14jq_kKu_Wumh5rzGj-zAreY5oKB_ESebdJ-DTF-cVrHV1AT6rnWThHxRB7p9bkZjYYb_MTrEixWjtRs23hKCTD_NEgXmKdbgJrPE3B_CKBgTsjpFfQrOnmDGqJ5N96ijksakDr6Wfr53IAOVS9MlNyMNcarJdcgqyZeFifacCHGIBCyPPyk50tqUlebUY5QK81fSGbd72f_j6ZhyvgjUzNND_m0qLCCFCcXHVPiaaS1fuDsl3xOVRpaJF26MnpM9kXnkddAHKBi-g2Ku0-Qwjki9W5rYwcSgW0UiQ5--jP0HfQTNGoecIJXZedjwgzejK3AtiwhniUdl1zQEd093pHkzIhiFbw8qEVKPVKfSWgQKHQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:36 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/ Frame B219 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4d0cc38d06f858b5e63d2b90b03c28af64efc38bfee0ba1cbd522e2b2435ff9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
V4Hh61KELvDmS7jS00BbSgwi0v.P0h9R
Content-Encoding
gzip
Age
68
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
17880
x-amz-id-2
ZMSy36Q11yLu2QFP2L5MlRdRGskIvl3g2FaR5jrZ63eXEHanrBXF5ZGwls0u1VMw8RmMS0uPBFo=
X-Served-By
cache-hhn4065-HHN
Last-Modified
Sun, 16 Feb 2020 15:17:22 GMT
Server
AmazonS3
X-Timer
S1581905858.882255,VS0,VE0
ETag
"c844abe3d79f87c6befb14f0282c7b3e"
Vary
Accept-Encoding
x-amz-request-id
354671125B0BA5E5
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 236C 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b394306f7340e77b7b1043ba2098db117b8b6898f358fcdf0781a50831afb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 08:58:59 GMT
server
nginx
etag
W/"5e3a83d3-c273"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/ Frame 536D 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bf43e84b2527a8c0202813ab4a281ce67bbe8ccd144e5d8e74cc2ac281f3357

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
WuTb_C_mkHERBXbFxPAL9UrISa_76BCj
Content-Encoding
gzip
Age
85
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
18102
x-amz-id-2
9oR2Nfexc8qgU0yqrHtchQgVSLe+/E9hZNi2z8vSxNzjEBdJ92V7e0pQ/rY+zxQZBNqfWZzZaUU=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Sun, 16 Feb 2020 15:19:42 GMT
Server
AmazonS3
X-Timer
S1581905858.890148,VS0,VE1
ETag
"4450211518bfeb155ed736d9eb24ab06"
Vary
Accept-Encoding
x-amz-request-id
5DCF3E0FB930E932
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 95B1 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b394306f7340e77b7b1043ba2098db117b8b6898f358fcdf0781a50831afb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 08:58:59 GMT
server
nginx
etag
W/"5e3a83d3-c273"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/ Frame 00A5 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bf43e84b2527a8c0202813ab4a281ce67bbe8ccd144e5d8e74cc2ac281f3357

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
WuTb_C_mkHERBXbFxPAL9UrISa_76BCj
Content-Encoding
gzip
Age
85
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
18102
x-amz-id-2
9oR2Nfexc8qgU0yqrHtchQgVSLe+/E9hZNi2z8vSxNzjEBdJ92V7e0pQ/rY+zxQZBNqfWZzZaUU=
X-Served-By
cache-hhn4028-HHN
Last-Modified
Sun, 16 Feb 2020 15:19:42 GMT
Server
AmazonS3
X-Timer
S1581905858.897169,VS0,VE0
ETag
"4450211518bfeb155ed736d9eb24ab06"
Vary
Accept-Encoding
x-amz-request-id
5DCF3E0FB930E932
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 22BA 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b394306f7340e77b7b1043ba2098db117b8b6898f358fcdf0781a50831afb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 08:58:59 GMT
server
nginx
etag
W/"5e3a83d3-c273"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/ Frame A9C3 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
095bb3fb4588f4f076fa80f288d400b22fdbc8b2b4d9c359659fb033759abf8b

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
Am9nQEnkQIfKMuiPOY47LfnHIYiLssIa
Content-Encoding
gzip
Age
85
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
17864
x-amz-id-2
0w9b/wQ8aBFMSNiy/wznSdBt6LJSVPiWO2uxD5CNaeWsjNJHlvYQf+E5OeL7yohcqcGRRsY215U=
X-Served-By
cache-hhn4044-HHN
Last-Modified
Sun, 16 Feb 2020 15:11:02 GMT
Server
AmazonS3
X-Timer
S1581905858.899421,VS0,VE0
ETag
"c9b59160c023bb7ee909c7176233d8fe"
Vary
Accept-Encoding
x-amz-request-id
0ABCC7391933FC81
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame ECA7 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
655e777fe9c302f5e58831e18e4beb5bfe7508e24b9d58b0a5c7f5d8678a6fd6

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 14:17:10 GMT
server
nginx
etag
W/"5e4165e6-cd6c"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/ Frame 88E9 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4d0cc38d06f858b5e63d2b90b03c28af64efc38bfee0ba1cbd522e2b2435ff9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
V4Hh61KELvDmS7jS00BbSgwi0v.P0h9R
Content-Encoding
gzip
Age
68
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
17880
x-amz-id-2
ZMSy36Q11yLu2QFP2L5MlRdRGskIvl3g2FaR5jrZ63eXEHanrBXF5ZGwls0u1VMw8RmMS0uPBFo=
X-Served-By
cache-hhn4032-HHN
Last-Modified
Sun, 16 Feb 2020 15:17:22 GMT
Server
AmazonS3
X-Timer
S1581905858.903829,VS0,VE1
ETag
"c844abe3d79f87c6befb14f0282c7b3e"
Vary
Accept-Encoding
x-amz-request-id
354671125B0BA5E5
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0625 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b394306f7340e77b7b1043ba2098db117b8b6898f358fcdf0781a50831afb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 08:58:59 GMT
server
nginx
etag
W/"5e3a83d3-c273"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/ Frame C170 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ada7793497070a2a5a79f8bb82b780a198e95e90f58ca8ec414867f5be69488

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
edZyGZwWyRxw_ECt_T0bwnatuDNgV3uE
Content-Encoding
gzip
Age
122
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
17868
x-amz-id-2
MFsx1hdbskc8IhwnBIyHF1j6pNubQ1ney8RCuIizcP+5BQ8/GN7RRxe7w1s0i9FkQUW3VtMSAB4=
X-Served-By
cache-hhn4073-HHN
Last-Modified
Sun, 16 Feb 2020 15:16:55 GMT
Server
AmazonS3
X-Timer
S1581905858.927174,VS0,VE1
ETag
"4420db0eaf2e8b9bbfa863cc65e22f6f"
Vary
Accept-Encoding
x-amz-request-id
F218F3860B2A6E67
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame BC46 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b394306f7340e77b7b1043ba2098db117b8b6898f358fcdf0781a50831afb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 08:58:59 GMT
server
nginx
etag
W/"5e3a83d3-c273"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/ Frame 0192 		67 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bf43e84b2527a8c0202813ab4a281ce67bbe8ccd144e5d8e74cc2ac281f3357

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
WuTb_C_mkHERBXbFxPAL9UrISa_76BCj
Content-Encoding
gzip
Age
85
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
18102
x-amz-id-2
9oR2Nfexc8qgU0yqrHtchQgVSLe+/E9hZNi2z8vSxNzjEBdJ92V7e0pQ/rY+zxQZBNqfWZzZaUU=
X-Served-By
cache-hhn4065-HHN
Last-Modified
Sun, 16 Feb 2020 15:19:42 GMT
Server
AmazonS3
X-Timer
S1581905858.944086,VS0,VE0
ETag
"4450211518bfeb155ed736d9eb24ab06"
Vary
Accept-Encoding
x-amz-request-id
5DCF3E0FB930E932
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
7
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 39D7 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b394306f7340e77b7b1043ba2098db117b8b6898f358fcdf0781a50831afb7

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 08:58:59 GMT
server
nginx
etag
W/"5e3a83d3-c273"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
loader.js
cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/ Frame 6A59 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d40a289216e4f4cd8625a456fccbf879b2fadaa332a9da92baf7ebb2bd7f5936

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
03JbJKP0lN08sjQghPDX0Pk16AGqS17b
Content-Encoding
gzip
Age
85
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:37 GMT
Connection
keep-alive
Content-Length
17864
x-amz-id-2
LfzYKYysmHb18cX4HUEjL4qtRtwo+dxu7S/Zh/pOHQK/eHXlb2d8c56bg7ZQMX1BQ3+T7I7FMTc=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Sun, 16 Feb 2020 15:11:19 GMT
Server
AmazonS3
X-Timer
S1581905858.955014,VS0,VE1
ETag
"f15a9fd6f332f61db68e4905fcf111af"
Vary
Accept-Encoding
x-amz-request-id
AB7AEE9BD2A6C9D9
Via
1.1 varnish
Cache-Control
private,max-age=14401
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
abp
95
X-Cache-Hits
1
publishertag.prebid.js
static.criteo.net/js/ld/ Frame E618 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebid.js
Protocol
HTTP/1.1
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
655e777fe9c302f5e58831e18e4beb5bfe7508e24b9d58b0a5c7f5d8678a6fd6

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:37 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 14:17:10 GMT
server
nginx
etag
W/"5e4165e6-cd6c"
transfer-encoding
chunked
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 18 Feb 2020 02:17:37 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame B219 		441 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.022332,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
76
beacon.js
sb.scorecardresearch.com/ Frame B219 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame 536D 		441 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.022466,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
80
beacon.js
sb.scorecardresearch.com/ Frame 536D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame 00A5 		441 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.022448,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
80
beacon.js
sb.scorecardresearch.com/ Frame 00A5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame A9C3 		441 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.022472,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
80
beacon.js
sb.scorecardresearch.com/ Frame A9C3 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame 88E9 		441 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.022474,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
80
beacon.js
sb.scorecardresearch.com/ Frame 88E9 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame C170 		441 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.127931,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
81
beacon.js
sb.scorecardresearch.com/ Frame C170 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame 0192 		441 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.127971,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
82
beacon.js
sb.scorecardresearch.com/ Frame 0192 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
impl.20200216-18-RELEASE.js
cdn.taboola.com/libtrc/ Frame 6A59 		441 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
_G29ZpbBq.HXOfqPhSzTYd3DxTyVlCM8
content-encoding
gzip
age
57
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
COMPLETED
content-length
127273
x-amz-id-2
OPo6a+Jw7iid8zTNKxMiMojciMQjeUDjmJDjwCaFcQbMklE03YpV8NgydQQHlVpa40WLKkYEj0c=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:28 GMT
server
AmazonS3
x-timer
S1581905858.148252,VS0,VE0
etag
"92d851544aed42171a77004ca748230c"
vary
Accept-Encoding
x-amz-request-id
B8FD0FA9024CCF89
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
83
beacon.js
sb.scorecardresearch.com/ Frame 6A59 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 18 Feb 2020 02:17:38 GMT
json
trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/ Frame B219 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/json?tim=03%3A17%3A38.130&lti=deflated&data=%7B%22id%22%3A606%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8bad263b7120723b2674d437aa779ee432dabd8e42c3e404ca126826f2b0e143

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
45
date
Mon, 17 Feb 2020 02:17:38 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905858.154887,VS0,VE45
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/ Frame 88E9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/trc/3/json?tim=03%3A17%3A38.148&lti=deflated&data=%7B%22id%22%3A751%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A0%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A0%2C%22dw%22%3A0%2C%22dh%22%3A0%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D1%22%2C%22uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22orig_uip%22%3A%22gazetaexpressDisplay-16588074%22%2C%22cd%22%3A0%2C%22mw%22%3A0%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
49d4aefa6e25a931dfd5a9deb38021a8cad50659224a4b3b3bf256985e1242bb

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
40
date
Mon, 17 Feb 2020 02:17:38 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905858.171163,VS0,VE40
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame B219 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
51
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905858.332213,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
21
x-cache-hits
12
match
match.zorosrv.com/ Frame 429C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&tbid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&query=taboola_hm%3Db54ef7d7-8a19-...
  • https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.786232,VS0,VE8
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status
200
x-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length
0
x-served-by
cache-hhn4031-HHN

Redirect headers

date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.658685,VS0,VE9
location
https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19150-FRA
sync.php
pixel.rubiconproject.com/exchange/ Frame 429C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 429C
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
45 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905858.432215,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
Date
Mon, 17 Feb 2020 02:17:38 GMT
Server
nginx
Connection
close
Etag
"zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA="
Content-Length
0
/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 429C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=45725e49-f7c2-4400-8027-3bc4ab2233f2
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.544260,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

Date
Mon, 17 Feb 2020 02:17:38 GMT
Server
MT3 2082 7bba72b master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Feb 2020 02:17:37 GMT
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 429C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=EjC9ev6N3rrE&ev=1&pid=562107
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=EjC9ev6N3rrE&ev=1&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.584422,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=EjC9ev6N3rrE&ev=1&pid=562107
content-language
en-US
status
302
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-stage-0
expires
-1
/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 429C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola&tc=1
0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola&tc=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.616318,VS0,VE9
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

status
302
pragma
no-cache
date
Mon, 17 Feb 2020 02:17:38 GMT, Mon, 17 Feb 2020 02:17:38 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola&tc=1
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuidnb
ib.adnxs.com/ Frame 429C 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:45 GMT
AN-X-Request-Uuid
7c9dc892-b2c7-4a54-8e19-9a19d9e99055
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.87; 185.16.206.87; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 429C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.994535,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:38 GMT
server
HTTP server (unknown)
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuidnb
ib.adnxs.com/ Frame 429C 		43 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:45 GMT
AN-X-Request-Uuid
849b4cc3-a0d6-43a9-b879-162828f6d795
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.87; 185.16.206.87; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.53:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 429C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.818159,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:38 GMT
x-aspnet-version
4.0.30319
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 429C
Redirect Chain
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=0a11fb44-27db-417f-aaee-b18ce9953d8e-tuct5437d42
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.081272,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma
no-cache
expires
0
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cookiesync
bttrack.com/pixel/ Frame 429C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:38 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
/
cds.taboola.com/ Frame 429C 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=0a11fb44-27db-417f-aaee-b18ce9953d8e-tuct5437d42&_r=7911232
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:39 GMT
cache-control
no-store
x-envoy-upstream-service-time
1
Server
nginx
Connection
close
Content-Length
0
/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 429C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola
  • https://dm.hybrid.ai/bidswitch-match?ssp=taboola
  • https://x.bidswitch.net/sync?dsp_id=258&user_id=07b1f6de11113166384d&expires=30&ssp=taboola
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.788933,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

status
302
date
Mon, 17 Feb 2020 02:17:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
b2
sb.scorecardresearch.com/ Frame B219
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858314&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858314&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858314&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858314&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:38 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
match
match.zorosrv.com/ Frame AF7C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&tbid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&query=taboola_hm%3Db54ef7d7-8a19-...
  • https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.081568,VS0,VE8
x-served-by
cache-hhn4031-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.033851,VS0,VE9
location
https://match.zorosrv.com/match?tabid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&extuid=b54ef7d7-8a19-41b0-ad79-5b334ad85e19&excid=218&query=taboola_hm%3Db54ef7d7-8a19-41b0-ad79-5b334ad85e19
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19150-FRA
sync.php
pixel.rubiconproject.com/exchange/ Frame AF7C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame AF7C
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
45 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.154316,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA%3D
Date
Mon, 17 Feb 2020 02:17:39 GMT
Server
nginx
Connection
close
Etag
"zbMTPKQGfsOpK7Oyu0j9wumQ47Rw3nJyFrgi6DXlUmA="
Content-Length
0
/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame AF7C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.134189,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

Date
Mon, 17 Feb 2020 02:17:39 GMT
Server
MT3 2082 7bba72b master zrh-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=45725e49-f7c2-4400-8027-3bc4ab2233f2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Feb 2020 02:17:38 GMT
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame AF7C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=8A3luaPqz4W1&ev=1&pid=562107
0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=8A3luaPqz4W1&ev=1&pid=562107
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.585155,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=8A3luaPqz4W1&ev=1&pid=562107
content-language
en-US
status
302
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c55bfb4dd-774rb
expires
-1
/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame AF7C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola
0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.154468,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

status
302
pragma
no-cache
date
Mon, 17 Feb 2020 02:17:39 GMT, Mon, 17 Feb 2020 02:17:39 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=oCFOuwRj5yWhkirkBpch&pi=taboola
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuidnb
ib.adnxs.com/ Frame AF7C 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:45 GMT
AN-X-Request-Uuid
423fe5a7-0acd-4efc-aee6-bdb85b160783
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.87; 185.16.206.87; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.133:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame AF7C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.228521,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:39 GMT
server
HTTP server (unknown)
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEP3NVQbyGtoiYXDPdeJPQYk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuidnb
ib.adnxs.com/ Frame AF7C 		43 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:45 GMT
AN-X-Request-Uuid
0543bc99-3b10-49e9-9a1e-ea783ccdcb0f
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.87; 185.16.206.87; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.155:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame AF7C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905859.238035,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:39 GMT
x-aspnet-version
4.0.30319
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1c374285-1344-4f3b-b629-74b8d5d57de7
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
cookiesync
bttrack.com/pixel/ Frame AF7C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:38 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame AF7C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=6c544848-a668-41dd-ba0d-f5b0384a3303
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=6c544848-a668-41dd-ba0d-f5b0384a3303
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a457213e-c899-41b7-84d9-8b98c5df44c5&ssp=taboola
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.607664,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

status
302
date
Mon, 17 Feb 2020 02:17:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 88E9 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x250hu-r16588074/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
51
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:38 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905858.342969,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
21
x-cache-hits
13
rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame AF7C
Redirect Chain
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.248355,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma
no-cache
expires
0
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
/
cds.taboola.com/ Frame AF7C 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=358ba320-b929-4c2a-ac32-41d163eacb2f-tuct5437d42&_r=2371726
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:39 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/ Frame B219 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905858.360901,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
available
trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/ Frame 88E9 		0
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x250hu-r16588074/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:38 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905858.362083,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
b2
sb.scorecardresearch.com/ Frame 536D
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858345&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858345&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858345&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858345&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/ Frame 00A5
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858516&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858516&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858516&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858516&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/gazetaexpress160x600gr-r18287011/trc/3/ Frame A9C3 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress160x600gr-r18287011/trc/3/json?tim=03%3A17%3A38.671&lti=deflated&data=%7B%22id%22%3A496%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A160%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A160%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218287011%22%2C%22orig_uip%22%3A%2218287011%22%2C%22cd%22%3A0%2C%22mw%22%3A160%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b89282859a51584f32227a29d5cf164f95d4eb6a83acf1f6db66f4490533cf11

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
53
date
Mon, 17 Feb 2020 02:17:39 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905860.717610,VS0,VE53
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
b
sb.scorecardresearch.com/ Frame A9C3 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858673&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/ Frame 536D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/json?tim=03%3A17%3A38.689&lti=deflated&data=%7B%22id%22%3A414%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217062380%22%2C%22orig_uip%22%3A%2217062380%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9609fabd46b8f8d9639034973dd314d749faaf7f184881a18d2698529bc90845

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
72
date
Mon, 17 Feb 2020 02:17:39 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905860.780054,VS0,VE72
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/ Frame 00A5 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/json?tim=03%3A17%3A38.761&lti=deflated&data=%7B%22id%22%3A292%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217062380%22%2C%22orig_uip%22%3A%2217062380%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45e3a85321564f66d13e4ab3f3785de91e08f9d4a86113f53c2f139a33d058a3

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
54
date
Mon, 17 Feb 2020 02:17:39 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905860.808947,VS0,VE54
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress300x600hu-r16588079/trc/3/ Frame C170 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x600hu-r16588079/trc/3/json?tim=03%3A17%3A38.783&lti=deflated&data=%7B%22id%22%3A526%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A600%2C%22dw%22%3A300%2C%22dh%22%3A600%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2216588079%22%2C%22orig_uip%22%3A%2216588079%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45895e4d23fe6ad7eedcf717c2be508226651dad5f0994243934ac0eb0f81bfa

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
62
date
Mon, 17 Feb 2020 02:17:39 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905860.835022,VS0,VE62
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/ Frame 0192 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/trc/3/json?tim=03%3A17%3A38.789&lti=deflated&data=%7B%22id%22%3A603%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A970%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A970%2C%22dh%22%3A250%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2217062380%22%2C%22orig_uip%22%3A%2217062380%22%2C%22cd%22%3A0%2C%22mw%22%3A970%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3788c96dda33edf195e73ba5dfa3a0707fbbcce6b9ac614933e090302a9ea7dd

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
51
date
Mon, 17 Feb 2020 02:17:39 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905860.889961,VS0,VE51
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/ Frame 6A59 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/trc/3/json?tim=03%3A17%3A38.796&lti=deflated&data=%7B%22id%22%3A601%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1581905858128%2C%22cv%22%3A%2220200216-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fwww.gazetaexpress.com%2F%22%2C%22bv%22%3A%221%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A3%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218287006%22%2C%22orig_uip%22%3A%2218287006%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de351fc473ae318125b080f55b476f746f1f2ced13a54d42fbffd74909693b00

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-vcl-time-ms
66
date
Mon, 17 Feb 2020 02:17:39 GMT
content-encoding
gzip
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
via
1.1 varnish
x-served-by
cache-hhn4074-HHN
server
nginx
x-timer
S1581905860.900968,VS0,VE66
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
b
sb.scorecardresearch.com/ Frame 88E9 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858811&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame C170 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858851&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame 0192 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858890&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame 6A59 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1581905858931&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=http%3A%2F%2Fwww.gazetaexpress.com%2F&c9=http%3A%2F%2Fwww.gazetaexpress.com%2F
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/ Frame 0529
Redirect Chain
  • https://px.powerlinks.com/user/identify?sourceId=d4a7a706-ab0f-11e8-a038-127202fb7690&rurl=https%3A%2F%2Ftrc.taboola.com%2Fsg%2Fpowerlinksdsp-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24%7BUSER%7D
  • https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=Q8SO23-cVAWtmqQX43j0qIfCQscM0N5Di1UZogXOG4o%3D
45 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=Q8SO23-cVAWtmqQX43j0qIfCQscM0N5Di1UZogXOG4o%3D
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.078063,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/powerlinksdsp-network/1/rtb-h/?taboola_hm=Q8SO23-cVAWtmqQX43j0qIfCQscM0N5Di1UZogXOG4o%3D
Date
Mon, 17 Feb 2020 02:17:40 GMT
Server
nginx
Connection
close
Etag
"Q8SO23-cVAWtmqQX43j0qIfCQscM0N5Di1UZogXOG4o="
Content-Length
0
getuidnb
ib.adnxs.com/ Frame 0529 		43 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:45 GMT
AN-X-Request-Uuid
aa13400d-44d6-4998-9e98-52407ad0f96c
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.87; 185.16.206.87; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.77:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuidnb
ib.adnxs.com/ Frame 0529 		43 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuidnb?https://trc.taboola.com/sg/nca-appnexus-network/1/rtb-h/?taboola_hm=$UID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:45 GMT
AN-X-Request-Uuid
3d3e33d3-99a6-4b2b-bc9e-d0c76321dbd2
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.16.206.87; 185.16.206.87; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookiesync
bttrack.com/pixel/ Frame 0529 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

X-ServerName
Track004-dc3
Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:39 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame A9C3 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress160x600gr-r18287011/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
53
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:40 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905860.115922,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
15
tpid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/ Frame 0529
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=10924/tp=OOLA/tpid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
  • https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
49 B
971 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.164.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-164-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:40 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
10.45.0.116
Connection
keep-alive
Content-Type
image/gif
Content-Length
49
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 17 Feb 2020 02:17:40 GMT
P3P
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Location
https://sync.crwdcntrl.net/map/ct=y/c=10924/tp=OOLA/tpid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
Cache-Control
no-cache
X-Server
10.45.7.75
Connection
keep-alive
Content-Length
0
Expires
0
match
match.zorosrv.com/ Frame 0529
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://trc.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a457213e-c899-41b7-84d9-8b98c5df44c5
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=a457213e-c899-41b7-84d9-8b98c5df44c5&tbid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&query=taboola_hm%3Da457213e-c899-...
  • https://match.zorosrv.com/match?tabid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&extuid=a457213e-c899-41b7-84d9-8b98c5df44c5&excid=218&query=taboola_hm%3Da457213e-c899-41b7-84d9-8b98c5df44c5
0
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.zorosrv.com/match?tabid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&extuid=a457213e-c899-41b7-84d9-8b98c5df44c5&excid=218&query=taboola_hm%3Da457213e-c899-41b7-84d9-8b98c5df44c5
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.258241,VS0,VE8
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NOI IDC DSP COR CURa ADMa OUR IND COM STA NOR UNI"
status
200
x-cache-hits
0
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, X-Prototype-Version, Content-Type, Origin, Allow
content-length
0
x-served-by
cache-hhn4031-HHN

Redirect headers

date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.209624,VS0,VE9
location
https://match.zorosrv.com/match?tabid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&extuid=a457213e-c899-41b7-84d9-8b98c5df44c5&excid=218&query=taboola_hm%3Da457213e-c899-41b7-84d9-8b98c5df44c5
x-cache
MISS
status
302
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19150-FRA
sync.php
pixel.rubiconproject.com/exchange/ Frame 0529 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
/
trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/ Frame 0529
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]
  • https://sync.mathtag.com/sync/img?mt_exid=92&redir=https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=[MM_UUID]&mm_bnc&mm_bct&UUID=dc285e49-f7c3-4b00-b5c8-400566b03386
  • https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=dc285e49-f7c3-4b00-b5c8-400566b03386
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=dc285e49-f7c3-4b00-b5c8-400566b03386
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.306581,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

Date
Mon, 17 Feb 2020 02:17:40 GMT
Server
MT3 2094 d1c5310 master zrh-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://trc.taboola.com/sg/mediamath-ssp-network/1/rtb-h/?taboola_hm=dc285e49-f7c3-4b00-b5c8-400566b03386
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 17 Feb 2020 02:17:39 GMT
/
trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 0529
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Ftrc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%
  • https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=UI7nM063s0ht&ev=1&pid=562107
0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=UI7nM063s0ht&ev=1&pid=562107
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.847861,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://trc.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=UI7nM063s0ht&ev=1&pid=562107
content-language
en-US
status
302
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c55bfb4dd-774rb
expires
-1
/
trc.taboola.com/sg/rtbhouse-network/1/rtb-h/ Frame 0529
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://ams.creativecdn.com/cm-notify?pi=taboola&tc=1
  • https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=bCdEAGsshKXOMyRjMuho&pi=taboola&tc=1
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=bCdEAGsshKXOMyRjMuho&pi=taboola&tc=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.355484,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

status
302
pragma
no-cache
date
Mon, 17 Feb 2020 02:17:40 GMT, Mon, 17 Feb 2020 02:17:40 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
location
https://trc.taboola.com/sg/rtbhouse-network/1/rtb-h/?taboola_hm=bCdEAGsshKXOMyRjMuho&pi=taboola&tc=1
expires
Thu, 01 Jan 1970 00:00:00 GMT
35702
tags.bluekai.com/site/ Frame 0529 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/35702?id=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-237-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:40 GMT
X-N
S
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
b27e
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cm
trc.taboola.com/sg/neustar/1/ Frame 0529
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212237748&puid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
  • https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990903334000036331
0
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990903334000036331
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905860.419115,VS0,VE9
x-cache
MISS
status
200
cache-control
no-cache, no-store
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4074-HHN

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:40 GMT
server
AAWebServer
location
https://trc.taboola.com/sg/neustar/1/cm?taboola_hm=164990903334000036331
p3p
policyref="http://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status
302
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
32441
i.liadm.com/s/ Frame 0529
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_li_chk=true&previous_uuid=628adac7d97f46238461c2d333b3c887
43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_li_chk=true&previous_uuid=628adac7d97f46238461c2d333b3c887
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.141.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-141-0.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:40 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
/s/32441?bidder_id=88068&bidder_uuid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_li_chk=true&previous_uuid=628adac7d97f46238461c2d333b3c887
Date
Mon, 17 Feb 2020 02:17:40 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
csync.ashx
ml314.com/ Frame 0529
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50077&et=0&fp=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&return=https%3a%2f%2fidsync.rlcdn.com%2f395886.gif%3fpartner_uid%3d%5bPersonID%5d
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3608239461380390924
  • https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYwODIzOTQ2MTM4MDM5MDkyNBAAGg0IxO-n8gUSBQjoBxAAQgBKAA
  • https://ml314.com/csync.ashx?fp=d97f27aa81e5432621f0148a97a9b4a3b2277312d3f97517d7e2a9b5daec60e9f4cb09cee1a4f8eb&person_id=3608239461380390924&eid=50082
43 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=d97f27aa81e5432621f0148a97a9b4a3b2277312d3f97517d7e2a9b5daec60e9f4cb09cee1a4f8eb&person_id=3608239461380390924&eid=50082
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.75.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-75-38.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 02:17:40 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
Content-Length
43
Expires
Mon, 17 Feb 2020 21:17:40 GMT

Redirect headers

date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 google
location
https://ml314.com/csync.ashx?fp=d97f27aa81e5432621f0148a97a9b4a3b2277312d3f97517d7e2a9b5daec60e9f4cb09cee1a4f8eb&person_id=3608239461380390924&eid=50082
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status
307
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 0529
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg6bercmTzffGCOealDw2s&google_cver=1
0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg6bercmTzffGCOealDw2s&google_cver=1
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905861.550899,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:40 GMT
server
HTTP server (unknown)
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEPg6bercmTzffGCOealDw2s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 0529
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d27b104d-ceff-4eb5-84b4-bf848e1de5eb
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d27b104d-ceff-4eb5-84b4-bf848e1de5eb
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905861.645683,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:40 GMT
x-aspnet-version
4.0.30319
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=d27b104d-ceff-4eb5-84b4-bf848e1de5eb
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
trc.taboola.com/sg/storygize-network/1/ Frame 0529
Redirect Chain
  • https://www.storygize.net/ccm/4b560cdd-91f9-422b-adb7-e9dff26bc3ad?u=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
  • https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905861.763766,VS0,VE9
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

Location
https://trc.taboola.com/sg/storygize-network/1/rtb-h?taboola_hm=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma
no-cache
expires
0
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
pixel.gif
load77.exelator.com/ Frame 0529
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43
  • https://loadm.exelator.com/load/?p=204&g=1270&j=0&BUID=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-46.datapacket.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 02:17:40 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"59f0c3fc-2b"
x-cache
HIT
content-type
image/gif
status
200
x-edge-ip
195.181.175.44
x-age
140136
accept-ranges
bytes
content-length
43

Redirect headers

date
Mon, 17 Feb 2020 02:17:40 GMT
server
nginx/1.14.0
x-powered-by
Undertow/1
location
https://load77.exelator.com/pixel.gif
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
status
302
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
/
cds.taboola.com/ Frame 0529 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=658258
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:40 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
/
trc.taboola.com/sg/bidswitch-network/1/rtb-h/ Frame 0529
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola
  • https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=taboola
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=taboola&gdpr=1&user_id=KackS3r1c0YxpCNKeKQ9ES_3KUcx8yIRK6PJjRci
  • https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
0
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish
server
nginx
x-timer
S1581905861.070992,VS0,VE8
x-served-by
cache-hhn4074-HHN
x-cache
MISS
status
200
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

status
302
date
Mon, 17 Feb 2020 02:17:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
//trc.taboola.com/sg/bidswitch-network/1/rtb-h/?taboola_hm=6c544848-a668-41dd-ba0d-f5b0384a3303
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
available
trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/ Frame A9C3 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905860.828705,VS0,VE8
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
54ed4723d81a281fdb5bbd78196b94c9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A9C3 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54ed4723d81a281fdb5bbd78196b94c9.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
495c4334f0487bd444019ac4679aa6d82a43844e09cec16d762d0186951deaf5

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish, 1.1 varnish
age
238935
edge-cache-tag
327049166525249250328860159255982464233,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 16 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54ed4723d81a281fdb5bbd78196b94c9.jpg
content-length
8739
x-served-by
cache-hhn4050-HHN, cache-hhn4074-HHN
last-modified
Fri, 14 Feb 2020 01:27:54 GMT
server
cloudinary
x-timer
S1581905861.875885,VS0,VE1
etag
"1df3afe8a401f5bf7c427dcea207de31"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
67f9934b88f7908f28b6f78909de7d41.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame A9C3 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
91534b2da211f4cae9d472b6505592b7e915b79b6e99cb6a0f582de0467b06f5

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish, 1.1 varnish
age
2255119
edge-cache-tag
305210218507038855225318021322074689226,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 23 Jan 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
content-length
5063
x-served-by
cache-hhn4061-HHN, cache-hhn4074-HHN
last-modified
Mon, 23 Dec 2019 08:12:21 GMT
server
cloudinary
x-timer
S1581905861.902821,VS0,VE1
etag
"64ef6b1f77a17a3a56b4a9616164c009"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
for-web.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/ Frame A9C3 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/for-web.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9308360025d2767f6d54151f33a590062e58a2900e68208fa5cb948ed0c1eef2

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish, 1.1 varnish
age
88807
edge-cache-tag
575844489407417164823708235729171235929,536520885600430275674102715245236517759,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 16 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/for-web.jpg
content-length
22134
x-served-by
cache-hhn4027-HHN, cache-hhn4074-HHN
last-modified
Fri, 14 Feb 2020 20:39:28 GMT
server
cloudinary
x-timer
S1581905861.907484,VS0,VE1
etag
"b6df5c2cc8464556f3fba415797adc0c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 536D 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
54
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:40 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905861.914658,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
16
/
cds.taboola.com/ Frame 422F 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=2292064
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:41 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 536D 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905860.904907,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 00A5 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
54
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:40 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905861.946729,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
17
/
cds.taboola.com/ Frame 6E3E 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=9704095
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:41 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
8c99804e35c8771af3385922d70ffb75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 536D 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d2eadbbae6d6207ffebab98dbaa39654870a389b2ce7c9aa3b4a8e5d3166002e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish, 1.1 varnish
age
845180
edge-cache-tag
511282828851882304803496105308357560777,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 24 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
content-length
60678
x-served-by
cache-hhn4042-HHN, cache-hhn4074-HHN
last-modified
Fri, 24 Jan 2020 10:25:10 GMT
server
cloudinary
x-timer
S1581905861.984991,VS0,VE1
etag
"ee2063ab8c37028c2325e2c60ac8e786"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
67f9934b88f7908f28b6f78909de7d41.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 536D 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bf772e070c53de54d1af4344e7ed5224095d5a8fe3ae1fefa11bed90d611b660

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
2264054
edge-cache-tag
305210218507038855225318021322074689226,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 23 Jan 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
content-length
20497
x-served-by
cache-hhn4036-HHN, cache-hhn4074-HHN
last-modified
Mon, 23 Dec 2019 08:22:49 GMT
server
cloudinary
x-timer
S1581905861.024365,VS0,VE0
etag
"6a71562d6d180416c932c3d02680a12e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
before-and-after-photos-1-taboola.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/ Frame 536D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7e74b25c27284e106b463ca6e8b0e6fb7e2dbb14c9948d9b466d37cabde26ac4

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
1560071
edge-cache-tag
381034242475585623403948544998000885563,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 14 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
content-length
14205
x-served-by
cache-hhn4021-HHN, cache-hhn4074-HHN
last-modified
Tue, 14 Jan 2020 09:19:15 GMT
server
cloudinary
x-timer
S1581905861.062977,VS0,VE1
etag
"8cdd32aa649939de9b92a290325d01a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
available
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 00A5 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905860.918784,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
dbe7d0a671434392851cef857e01fb63.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 00A5 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dbe7d0a671434392851cef857e01fb63.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9ec3a43fec230e7c81dffcfdc3636b16862c7aff7733848cb19f4c52183fc9c6

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
1965962
edge-cache-tag
595799579972005134534414546417074330127,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Wed, 05 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dbe7d0a671434392851cef857e01fb63.jpg
content-length
15694
x-served-by
cache-hhn4039-HHN, cache-hhn4074-HHN
last-modified
Sun, 05 Jan 2020 13:52:59 GMT
server
cloudinary
x-timer
S1581905861.101994,VS0,VE1
etag
"d8857516438fb9484edf48cdfe990165"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
8c99804e35c8771af3385922d70ffb75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 00A5 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d2eadbbae6d6207ffebab98dbaa39654870a389b2ce7c9aa3b4a8e5d3166002e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
845180
edge-cache-tag
511282828851882304803496105308357560777,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 24 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
content-length
60678
x-served-by
cache-hhn4042-HHN, cache-hhn4074-HHN
last-modified
Fri, 24 Jan 2020 10:25:10 GMT
server
cloudinary
x-timer
S1581905861.117584,VS0,VE0
etag
"ee2063ab8c37028c2325e2c60ac8e786"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2
224d5368421d82c34eac34bd79a65e8e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 00A5 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/224d5368421d82c34eac34bd79a65e8e.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2e0fa29b5f67a0d0f3111de6b21a2f17add419ce106540c1a4de52133a771fa2

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
782301
edge-cache-tag
375122343692814619429622873457810612031,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 09 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/224d5368421d82c34eac34bd79a65e8e.jpg
content-length
54700
x-served-by
cache-hhn4082-HHN, cache-hhn4074-HHN
last-modified
Fri, 07 Feb 2020 16:55:30 GMT
server
cloudinary
x-timer
S1581905861.140500,VS0,VE1
etag
"2298aadac8935b0090e1dd9a366acbc0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame C170 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress300x600hu-r16588079/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
54
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:41 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905861.156236,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
18
/
cds.taboola.com/ Frame E2E9 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=4099036
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:41 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress300x600hu-r16588079/log/3/ Frame C170 		0
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress300x600hu-r16588079/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905860.952758,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
67f9934b88f7908f28b6f78909de7d41.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame C170 		194 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ddb404cb3ccf107ab6ae80a64c44b00c7356308de345e6084a1f2b3f1b019466

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
784739
edge-cache-tag
305210218507038855225318021322074689226,427391600140024106824145288661384907455,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sun, 23 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
content-length
199073
x-served-by
cache-hhn4054-HHN, cache-hhn4074-HHN
last-modified
Thu, 23 Jan 2020 02:16:34 GMT
server
cloudinary
x-timer
S1581905861.194291,VS0,VE1
etag
"43ee9dc465d6c14f9a4defa6f9df45d9"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
for-web.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/ Frame C170 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/for-web.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
43d37ef036d4eb4bf36da8c26729b11bc347e8a2dbbd642f491c85ed89b1bf35

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
737571
edge-cache-tag
575844489407417164823708235729171235929,427391600140024106824145288661384907455,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 14 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/for-web.jpg
content-length
25737
x-served-by
cache-hhn4068-HHN, cache-hhn4074-HHN
last-modified
Tue, 14 Jan 2020 20:43:22 GMT
server
cloudinary
x-timer
S1581905861.221420,VS0,VE1
etag
"46a872dcceeb9e7cc99e30a52c428c14"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
ProjectSolar3_1000x600_58d9ba6585acebe943ea75beb6fefa79.png
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ Frame C170 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ProjectSolar3_1000x600_58d9ba6585acebe943ea75beb6fefa79.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0779208115af9752c3b9ff60d7d6dbe8ca0d1704357a45b1af916621521fcc8a

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
520701
edge-cache-tag
295019806349654470340337393285666778707,427391600140024106824145288661384907455,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Wed, 19 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/ProjectSolar3_1000x600_58d9ba6585acebe943ea75beb6fefa79.png
content-length
20866
x-served-by
cache-hhn4043-HHN, cache-hhn4074-HHN
last-modified
Sun, 19 Jan 2020 09:26:00 GMT
server
cloudinary
x-timer
S1581905861.234018,VS0,VE1
etag
"a54ddd126d7b2d31617a114be3906a10"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
aff7bcb542f63561cc021ab2799f6b20.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame C170 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aff7bcb542f63561cc021ab2799f6b20.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
82825a7acfd098ec5103140ba9c6543105e53f0cb77fbc6834d0e6877d9b6af5

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
314474
edge-cache-tag
421524781060111377166228878671885530298,427391600140024106824145288661384907455,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sat, 14 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aff7bcb542f63561cc021ab2799f6b20.jpg
content-length
24566
x-served-by
cache-hhn4075-HHN, cache-hhn4074-HHN
last-modified
Wed, 12 Feb 2020 05:39:00 GMT
server
cloudinary
x-timer
S1581905861.235681,VS0,VE1
etag
"1786e25ff41f6c41758e29d523594a3d"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
421d6eddce0c16a0b974beffa39de3a7.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame C170 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/421d6eddce0c16a0b974beffa39de3a7.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c5488add290e710a21c6bcf670b5abdb8d60f39ae78d2adc6289b4702eadda22

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
595998338458541185521102947779965694449,427391600140024106824145288661384907455,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sun, 08 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/421d6eddce0c16a0b974beffa39de3a7.jpg
content-length
16533
x-served-by
cache-hhn4026-HHN, cache-hhn4074-HHN
last-modified
Thu, 06 Feb 2020 06:04:32 GMT
server
cloudinary
x-timer
S1581905861.260862,VS0,VE164
etag
"f306e237ef8a829748ffe58740489410"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
52e7a73ede288ecbb71dcf22ddd8bd82.png
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame C170 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52e7a73ede288ecbb71dcf22ddd8bd82.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2a2f34bad58293c5e78eb8d0074ab1900080990b34353d5f5bbc7ec9a0d08769

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
370470571331072617186857154520345248354,427391600140024106824145288661384907455,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sun, 08 Mar 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_125%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/52e7a73ede288ecbb71dcf22ddd8bd82.png
content-length
13657
x-served-by
cache-hhn4075-HHN, cache-hhn4074-HHN
last-modified
Thu, 06 Feb 2020 22:52:28 GMT
server
cloudinary
x-timer
S1581905861.272979,VS0,VE156
etag
"9f6a27a58743151c472b8db70b6054c1"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 0192 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress970x250gr-r17062380/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
54
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:41 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905861.274676,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
17
x-cache-hits
19
/
cds.taboola.com/ Frame 4C01 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=5933260
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:41 GMT
cache-control
no-store
x-envoy-upstream-service-time
1
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 0192 		0
62 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:39 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905860.991289,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
8c99804e35c8771af3385922d70ffb75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0192 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d2eadbbae6d6207ffebab98dbaa39654870a389b2ce7c9aa3b4a8e5d3166002e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
845180
edge-cache-tag
511282828851882304803496105308357560777,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 24 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
content-length
60678
x-served-by
cache-hhn4042-HHN, cache-hhn4074-HHN
last-modified
Fri, 24 Jan 2020 10:25:10 GMT
server
cloudinary
x-timer
S1581905861.459268,VS0,VE0
etag
"ee2063ab8c37028c2325e2c60ac8e786"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3
67f9934b88f7908f28b6f78909de7d41.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0192 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bf772e070c53de54d1af4344e7ed5224095d5a8fe3ae1fefa11bed90d611b660

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
2264054
edge-cache-tag
305210218507038855225318021322074689226,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 23 Jan 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
content-length
20497
x-served-by
cache-hhn4036-HHN, cache-hhn4074-HHN
last-modified
Mon, 23 Dec 2019 08:22:49 GMT
server
cloudinary
x-timer
S1581905861.462791,VS0,VE0
etag
"6a71562d6d180416c932c3d02680a12e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2
before-and-after-photos-1-taboola.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/ Frame 0192 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7e74b25c27284e106b463ca6e8b0e6fb7e2dbb14c9948d9b466d37cabde26ac4

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
1560071
edge-cache-tag
381034242475585623403948544998000885563,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 14 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
content-length
14205
x-served-by
cache-hhn4021-HHN, cache-hhn4074-HHN
last-modified
Tue, 14 Jan 2020 09:19:15 GMT
server
cloudinary
x-timer
S1581905861.468111,VS0,VE0
etag
"8cdd32aa649939de9b92a290325d01a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2
userx.20200216-18-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 6A59 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: http://cdn.taboola.com/libtrc/gazetaexpress728x90gr-r18287006/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
7XtA222tzc3TiAwPvQaA9EHFU9Hb3F_p
content-encoding
gzip
age
54
x-cache
HIT
status
200
date
Mon, 17 Feb 2020 02:17:41 GMT
x-amz-replication-status
PENDING
content-length
7712
x-amz-id-2
xA1KCNljIBlFeCZE/QoHaOJRT8skiD7cDE3A3wQ5Zfx6YtEctmugiDDbxCQbHtFx4Q2x1ZnITEE=
x-served-by
cache-hhn4074-HHN
last-modified
Sun, 16 Feb 2020 16:28:36 GMT
server
AmazonS3
x-timer
S1581905861.498028,VS0,VE0
etag
"169cfa8ac51a6c626fb8ff4852adbceb"
vary
Accept-Encoding
x-amz-request-id
1F0D7937EFBA8924
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
1
x-cache-hits
20
/
cds.taboola.com/ Frame BD84 		0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=b3267533-4e48-4fcc-934c-8460525910e0-tuct5437d43&_r=2274823
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 17 Feb 2020 02:17:41 GMT
cache-control
no-store
x-envoy-upstream-service-time
0
Server
nginx
Connection
close
Content-Length
0
available
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 6A59 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/available?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905860.016538,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
67f9934b88f7908f28b6f78909de7d41.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 6A59 		221 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
60d4174765d57e27c2e81270309f1fc699acfd07b543ac9bc1e36e1b1aa60aba

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
855808
edge-cache-tag
305210218507038855225318021322074689226,606946013417484284046698098738053986510,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Sun, 23 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
content-length
226334
x-served-by
cache-hhn4074-HHN, cache-hhn4074-HHN
last-modified
Thu, 23 Jan 2020 09:38:17 GMT
server
cloudinary
x-timer
S1581905862.506477,VS0,VE0
etag
"3aef089dd39674825f85681a75e54800"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 757
for-web.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/ Frame 6A59 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/for-web.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
ae3a2a5d29f6552bac005b0ef8961cd8d78250be07f9dbc4f7943e00c16e4c41

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
1455310
edge-cache-tag
575844489407417164823708235729171235929,606946013417484284046698098738053986510,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 14 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.tripsaway.net/wp-content/uploads/2014/02/for-web.jpg
content-length
29232
x-served-by
cache-hhn4046-HHN, cache-hhn4074-HHN
last-modified
Tue, 14 Jan 2020 21:05:22 GMT
server
cloudinary
x-timer
S1581905862.536650,VS0,VE1
etag
"7069340e61c3512a6aa1e0b3f88b6d84"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
before-and-after-photos-1-taboola.jpg
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/ Frame 6A59 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4810303e513855de9e3a87ef49f5c3e4f4df184a8af914489ac4414f7e55dba5

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
560021
edge-cache-tag
381034242475585623403948544998000885563,606946013417484284046698098738053986510,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Tue, 11 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_143%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
content-length
24634
x-served-by
cache-hhn4031-HHN, cache-hhn4074-HHN
last-modified
Sat, 11 Jan 2020 13:10:10 GMT
server
cloudinary
x-timer
S1581905862.548175,VS0,VE0
etag
"f9e892675b0f19054c8d76a1ee50a6fe"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame A9C3 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via
1.1 varnish
Age
10017
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:40 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1581905860.158995,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
29D722C296265892
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
abp
1
X-Cache-Hits
4277
visible
trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/ Frame A9C3 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress160x600gr-r18287011/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905861.830334,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 236C
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHSaMfRrYctd59LbVAp4El4&google_cver=1
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHSaMfRrYctd59LbVAp4El4&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.174.5 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 google
server
OXGW/16.174.5
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHSaMfRrYctd59LbVAp4El4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 95B1
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJj_tzupE5VGYMebHfEX1fQ&google_cver=1
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJj_tzupE5VGYMebHfEX1fQ&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.174.5 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 google
server
OXGW/16.174.5
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJj_tzupE5VGYMebHfEX1fQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 22BA
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://u.openx.net/w/1.0/pd?cc=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs54TpyZnlm9lzm4Epw0n8&google_cver=1
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs54TpyZnlm9lzm4Epw0n8&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.174.5 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 google
server
OXGW/16.174.5
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
server
HTTP server (unknown)
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs54TpyZnlm9lzm4Epw0n8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 0625
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.195.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-195-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70

Redirect headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 google
server
OXGW/16.174.5
location
https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
openx
match.adsrvr.org/track/cmf/ Frame BC46
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.195.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-195-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70

Redirect headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 google
server
OXGW/16.174.5
location
https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
openx
match.adsrvr.org/track/cmf/ Frame 39D7
Redirect Chain
  • https://u.openx.net/w/1.0/pd
  • https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.195.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-195-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 02:17:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
200
cache-control
private,no-cache, must-revalidate
content-type
image/gif
content-length
70

Redirect headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 google
server
OXGW/16.174.5
location
https://match.adsrvr.org/track/cmf/openx?oxid=affd7757-0509-7762-f519-b14a3ad0eccd&gdpr=1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
visible
trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/ Frame 00A5 		0
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress970x250gr-r17062380/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Mon, 17 Feb 2020 02:17:40 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905861.923053,VS0,VE10
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 536D 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via
1.1 varnish
Age
10017
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:40 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
X-Served-By
cache-hhn4061-HHN
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1581905861.968424,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
29D722C296265892
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
abp
1
X-Cache-Hits
4278
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 00A5 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via
1.1 varnish
Age
10017
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:40 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
X-Served-By
cache-hhn4065-HHN
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1581905861.994377,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
29D722C296265892
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
abp
1
X-Cache-Hits
3929
visible
trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/ Frame 6A59 		0
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/gazetaexpress728x90gr-r18287006/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200216-18-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.gazetaexpress.com/
Origin
http://www.gazetaexpress.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
204
x-served-by
cache-hhn4074-HHN
pragma
no-cache
server
nginx
x-timer
S1581905861.020332,VS0,VE9
content-type
image/gif
access-control-allow-origin
http://www.gazetaexpress.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
8c99804e35c8771af3385922d70ffb75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 536D 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d2eadbbae6d6207ffebab98dbaa39654870a389b2ce7c9aa3b4a8e5d3166002e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
845181
edge-cache-tag
511282828851882304803496105308357560777,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 24 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
content-length
60678
x-served-by
cache-hhn4042-HHN, cache-hhn4074-HHN
last-modified
Fri, 24 Jan 2020 10:25:10 GMT
server
cloudinary
x-timer
S1581905862.774559,VS0,VE0
etag
"ee2063ab8c37028c2325e2c60ac8e786"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4
67f9934b88f7908f28b6f78909de7d41.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 536D 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bf772e070c53de54d1af4344e7ed5224095d5a8fe3ae1fefa11bed90d611b660

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
2264055
edge-cache-tag
305210218507038855225318021322074689226,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 23 Jan 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
content-length
20497
x-served-by
cache-hhn4036-HHN, cache-hhn4074-HHN
last-modified
Mon, 23 Dec 2019 08:22:49 GMT
server
cloudinary
x-timer
S1581905862.815592,VS0,VE0
etag
"6a71562d6d180416c932c3d02680a12e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3
before-and-after-photos-1-taboola.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/ Frame 536D 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7e74b25c27284e106b463ca6e8b0e6fb7e2dbb14c9948d9b466d37cabde26ac4

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
1560072
edge-cache-tag
381034242475585623403948544998000885563,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 14 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
content-length
14205
x-served-by
cache-hhn4021-HHN, cache-hhn4074-HHN
last-modified
Tue, 14 Jan 2020 09:19:15 GMT
server
cloudinary
x-timer
S1581905862.815693,VS0,VE0
etag
"8cdd32aa649939de9b92a290325d01a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3
8c99804e35c8771af3385922d70ffb75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 00A5 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d2eadbbae6d6207ffebab98dbaa39654870a389b2ce7c9aa3b4a8e5d3166002e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
845181
edge-cache-tag
511282828851882304803496105308357560777,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 24 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
content-length
60678
x-served-by
cache-hhn4042-HHN, cache-hhn4074-HHN
last-modified
Fri, 24 Jan 2020 10:25:10 GMT
server
cloudinary
x-timer
S1581905862.815771,VS0,VE0
etag
"ee2063ab8c37028c2325e2c60ac8e786"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 5
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame C170 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/userx.20200216-18-RELEASE.es6.js
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via
1.1 varnish
Age
10017
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:41 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
X-Served-By
cache-hhn4065-HHN
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1581905861.201540,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
29D722C296265892
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
abp
1
X-Cache-Hits
3930
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 0192 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via
1.1 varnish
Age
10017
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:41 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
X-Served-By
cache-hhn4065-HHN
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1581905861.318743,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
29D722C296265892
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
abp
1
X-Cache-Hits
3931
8c99804e35c8771af3385922d70ffb75.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0192 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d2eadbbae6d6207ffebab98dbaa39654870a389b2ce7c9aa3b4a8e5d3166002e

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
845181
edge-cache-tag
511282828851882304803496105308357560777,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Mon, 24 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8c99804e35c8771af3385922d70ffb75.jpg
content-length
60678
x-served-by
cache-hhn4042-HHN, cache-hhn4074-HHN
last-modified
Fri, 24 Jan 2020 10:25:10 GMT
server
cloudinary
x-timer
S1581905862.818139,VS0,VE0
etag
"ee2063ab8c37028c2325e2c60ac8e786"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 6
67f9934b88f7908f28b6f78909de7d41.gif
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 0192 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bf772e070c53de54d1af4344e7ed5224095d5a8fe3ae1fefa11bed90d611b660

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
2264055
edge-cache-tag
305210218507038855225318021322074689226,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Thu, 23 Jan 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f9934b88f7908f28b6f78909de7d41.gif
content-length
20497
x-served-by
cache-hhn4036-HHN, cache-hhn4074-HHN
last-modified
Mon, 23 Dec 2019 08:22:49 GMT
server
cloudinary
x-timer
S1581905862.854645,VS0,VE0
etag
"6a71562d6d180416c932c3d02680a12e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4
before-and-after-photos-1-taboola.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/ Frame 0192 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7e74b25c27284e106b463ca6e8b0e6fb7e2dbb14c9948d9b466d37cabde26ac4

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 02:17:41 GMT
via
1.1 varnish, 1.1 varnish
age
1560072
edge-cache-tag
381034242475585623403948544998000885563,507842782944220752304688722208192589828,29ecf9b93bbf306179626feeda1fab70
status
200
expiration
expiry-date="Fri, 14 Feb 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_223%2Cw_400%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//s3.amazonaws.com/boredom-therapy-image-bucket/img2/before-and-after-photos-1-taboola.jpg
content-length
14205
x-served-by
cache-hhn4021-HHN, cache-hhn4074-HHN
last-modified
Tue, 14 Jan 2020 09:19:15 GMT
server
cloudinary
x-timer
S1581905862.855502,VS0,VE0
etag
"8cdd32aa649939de9b92a290325d01a5"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 4
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 6A59 		254 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.gazetaexpress.com
URL: http://www.gazetaexpress.com/
Protocol
HTTP/1.1
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
http://www.gazetaexpress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Via
1.1 varnish
Age
10017
X-Cache
HIT
Date
Mon, 17 Feb 2020 02:17:41 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
X-Served-By
cache-hhn4065-HHN
Last-Modified
Wed, 24 Jun 2015 07:14:11 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
X-Timer
S1581905862.543351,VS0,VE0
ETag
"dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-request-id
29D722C296265892
Cache-Control
private,max-age=31536000
Accept-Ranges
bytes
Content-Type
image/png
abp
1
X-Cache-Hits
3932

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gazetaexpress.com
URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/intersbc-webfont.woff
Domain
www.gazetaexpress.com
URL
https://www.gazetaexpress.com/wp-content/themes/gazetaexpress/fonts/intersbc-webfont.ttf
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
adx.adform.net
URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTQyNjQ1MmJlLWJjYjYtNDdmZi1hYTVjLTU4NDEwZmFlMGJkYg%3D%3D&pt=gross&stid=029f1604-d9ce-427e-b49d-ccf975cd579d&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
projectagora-d.openx.net
URL
https://projectagora-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=426452be-bcb6-47ff-aa5c-58410fae0bdb&nocache=1581905855824&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=300x250&divIds=pa-adtag-1581905855454&auid=540924443&
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
projectagora-d.openx.net
URL
https://projectagora-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=89618fa8-96de-4267-b800-401bfafd6e71&nocache=1581905855829&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=970x250&divIds=pa-adtag-1581905855472&auid=540924442&
Domain
adx.adform.net
URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPTg5NjE4ZmE4LTk2ZGUtNDI2Ny1iODAwLTQwMWJmYWZkNmU3MQ%3D%3D&pt=gross&stid=24d97b47-c52e-4825-8ac0-e79d9acd2684&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Domain
adx.adform.net
URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPTQxOTc2NjNkLThiNzgtNGViZi1hMjZhLTNhZDVjNDVjYmVlMA%3D%3D&pt=gross&stid=66bfde25-d1dc-401f-8097-ab4fd74b1654&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
projectagora-d.openx.net
URL
https://projectagora-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=4197663d-8b78-4ebf-a26a-3ad5c45cbee0&nocache=1581905855836&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=970x250&divIds=pa-adtag-1581905855452&auid=540924442&
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
projectagora-d.openx.net
URL
https://projectagora-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=0ef16be1-7e28-4959-9246-b6664dc3b1c8&nocache=1581905855844&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=300x250&divIds=pa-adtag-1581905855416&auid=540924443&
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
adx.adform.net
URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0MyZ0cmFuc2FjdGlvbklkPTBlZjE2YmUxLTdlMjgtNDk1OS05MjQ2LWI2NjY0ZGMzYjFjOA%3D%3D&pt=gross&stid=80bec083-b176-4be0-b9bf-0cf770182a58&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
adx.adform.net
URL
https://adx.adform.net/adx/?rp=4&bWlkPTcwNjY0NiZ0cmFuc2FjdGlvbklkPTAwZmUxMTVhLWU1NTctNDQ2ZC05MWM3LWNlY2IxMmI3MzQzYQ%3D%3D&pt=gross&stid=75579817-9f2f-4f52-ab76-567ab56140b0&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
projectagora-d.openx.net
URL
https://projectagora-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=00fe115a-e557-446d-91c7-cecb12b7343a&nocache=1581905855852&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=300x600%2C300x250&divIds=pa-adtag-1581905855469&auid=540924444&
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
adx.adform.net
URL
https://adx.adform.net/adx/?rp=4&bWlkPTcyMDEzNiZ0cmFuc2FjdGlvbklkPTg2Njk4NmQwLTM1NTUtNDgwMi1hNzg5LTFlZDk4ZTQ3MjBhZA%3D%3D&pt=gross&stid=176ac653-dc39-4172-bc96-ccf83eeacc2f&gdpr=true&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&fd=1
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
projectagora-d.openx.net
URL
https://projectagora-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.gazetaexpress.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=866986d0-3555-4802-a789-1ed98e4720ad&nocache=1581905855856&gdpr_consent=BOS22d1OS22d1AGABAENBfAAAAAgmAAA&gdpr=1&x_gdpr_f=1&aus=970x250&divIds=pa-adtag-1581905855467&auid=540924442&
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| biskoInitializer object| bisko object| gjdmp object| _atrk_opts function| $ function| jQuery function| documentInitOneSignal object| OneSignal string| reqCountry number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| condLabels object| allowedCountry object| adUnits object| pbjs function| initAdserver function| pbjsChunk object| __core-js_shared__ object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _qevents object| _fbq function| fbq object| bootstrap object| jQuery112401807487873594924 function| _ object| wp object| _oneSignalInitOptions object| TWAGORAINARTICLE function| atrk boolean| _atrk_fired number| google_srt undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id string| site_name function| P object| ProjectAgora object| validRules boolean| check number| max_priority object| teadsscript function| quantserve function| __qc object| ezt object| _qoptions function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| google_image_requests string| txt function| postscribe function| __cmp boolean| done object| _sp_ object| teads object| GoogleGcLKhOms object| TRC number| taboola_view_id function| arrive function| unbindArrive function| leave function| unbindLeave

5 Cookies

Domain/Path Name / Value
.gazetaexpress.com/ Name: _sp_enable_dfp_personalized_ads
Value: false
.gazetaexpress.com/ Name: __cfduid
Value: ded1897bb0bfb677fc1aa0e210a4d61cf1581905856
www.gazetaexpress.com/ Name: consentUUID
Value: cff641fe-b190-4756-b8c7-2bfb1bce244f
.gjirafa.com/ Name: _fbp
Value: fb.1.1581905856263.635891202
.gazetaexpress.com/ Name: _fbp
Value: fb.1.1581905855784.1860484588

5 Console Messages

Source Level URL
Text
console-api log URL: https://www.gazetaexpress.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api log (Line 6)
Message:
element .item-label-href arrived
console-api log (Line 6)
Message:
element .item-label-href arrived

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a406190bf272525d71f7883e06a5e264a.profile.lax3-c3.cloudfront.net
aa.agkn.com
ad.doubleclick.net
ads.projectagoraservices.com
adservice.google.com
adservice.google.de
adx.adform.net
adxbid.info
aj1431.online
ams.creativecdn.com
an.facebook.com
b.scorecardresearch.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
cdn.onesignal.com
cdn.taboola.com
cdn77.aj1431.online
cds.taboola.com
certify.alexametrics.com
cloudfront-labs.amazonaws.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
d2zv5rkii46miq.cloudfront.net
d31qbv1cthcecs.cloudfront.net
dm.hybrid.ai
edge.quantserve.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gjstatic.blob.core.windows.net
hbopenbid.pubmatic.com
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
images.taboola.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.taboola.com
match.zorosrv.com
message909.gazetaexpress.com
ml314.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
prg.smartadserver.com
projectagora-d.openx.net
projectagora.net
projectagoralibs.com
px.powerlinks.com
rtb.mfadsrvr.com
rules.quantcount.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sourcepoint.mgr.consensu.org
static.criteo.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
sync.teads.tv
t.teads.tv
tags.bluekai.com
tpc.googlesyndication.com
trc.taboola.com
twpasol.com
u.openx.net
us-u.openx.net
video.gjirafa.com
www.facebook.com
www.gazetaexpress.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.storygize.net
www.summerhamster.com
x.bidswitch.net
adx.adform.net
hbopenbid.pubmatic.com
ib.adnxs.com
projectagora-d.openx.net
www.gazetaexpress.com
104.111.214.103
104.26.1.156
104.26.15.74
13.225.78.112
13.79.176.48
141.226.224.32
143.204.94.78
147.75.102.200
151.101.114.2
151.101.114.49
151.101.14.49
172.217.18.162
172.217.18.98
178.250.0.165
18.196.229.216
18.202.164.200
184.31.88.106
185.184.8.30
185.29.133.199
185.33.223.215
185.59.220.21
185.86.138.32
192.132.33.46
195.181.175.46
2.16.186.51
2.18.232.7
212.124.124.165
216.58.210.6
23.45.237.36
2600:9000:2156:f200:17:5578:e080:21
2600:9000:21f3:5800:6:44e3:f8c0:93a1
2606:4700:3030::6818:6d7c
2606:4700:3030::681b:b5b8
2606:4700:3034::6818:7eaa
2606:4700:3037::6812:3d5e
2606:4700::6812:e234
2a00:1450:4001:806::200e
2a00:1450:4001:808::200a
2a00:1450:4001:816::2001
2a00:1450:4001:819::2003
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:4001:821::2002
2a00:1450:400c:c00::9c
2a02:2638::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
34.95.120.147
34.96.108.236
35.156.112.30
35.162.160.88
35.190.72.21
37.18.16.16
40.113.136.100
52.16.75.38
52.208.195.87
52.28.51.75
52.5.141.0
52.57.76.228
52.59.100.228
52.94.234.174
54.93.148.19
69.173.144.136
69.173.144.140
74.214.194.139
91.228.74.176
91.228.74.179
99.84.201.217
02757d53179a86b474d0a406b1eaaf1ff53cc755be7d5ba9586adafa8ec3a621
027cc4cc8d2a4493dff095420bef3681aa29ff71989343b7b18485f58aae345b
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88
0779208115af9752c3b9ff60d7d6dbe8ca0d1704357a45b1af916621521fcc8a
095bb3fb4588f4f076fa80f288d400b22fdbc8b2b4d9c359659fb033759abf8b
09ed4ea86a32243448c09f2d6946bad013875754a715790ce82e4c40c7edeb27
09f7ec321b3b57c5ea57733824614d5b2bf433d47bec7120e898a3d85918c3f3
0a7d6c1dd2e4c49c4e2548122f090c25597695cf9b709be6a6a80599a2f2f932
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b4167f25b3f53d588dc3a6da96e55d3e066accd79a1c0d1857b7e3f6446670d
0c9875803b8b2435e210cbdc7b0ee7a9d12c7b6ab319b76745f975e13778da4d
0d6ab0f20b77e0663f317f443f73cc2391bf8511951afb0539c8798a2365ef61
0dad323d6bd3beb582a7e1d94b09897505c344afeb150d9cada21f1369e1b75a
0e1dd854b29438df779b28e403f82f57c0cfbcd675ac2d1b37a9ecc6dc65b41c
109aad1c1044563a7fa1a28de7943f7ec67fad5bfab9d3b536da7e959d2917c7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1194c1d29ca7cd11f79be59b08fdca876dbed47faf13c6932ec89e338c9c607a
11a1d3850f9b2a184d243e0a2897af8359a51ba52ab2d3048f04e935f64f0fcc
120fb2279d5061dd4a428f935fdf10c09e95c1f2ec0346f7aaf6c8b7f382cf49
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
16e86f16bd7a5997e6031e5dd47b67b07903d3a2225ac9e573d4204d75c3f964
1737dbf50330e3e550f3d07b82e63214b733c1ac9ff8a3760bf21310dcad32d2
17a8a3c0187c323400fae97f281297a650b9911768f12f6f844ad6deb0e6a625
189cb6ba045b563fdb69e7771e9a037bcfb7593cf60896fe77601e731f82040d
18f5e98b78de21ddb40f6a5ad4fb0bf6d04753306521640bec62c3877226d0a6
1902e85de08c6db6c7f8d1963c9812c07a238151d58be56000930a74bc7166fe
1aec1687cbf79abf1b4cd381880ccaa3fb5f026c058f15d35576c67a63cc1583
1af75344a3c58703523ea517239fb2e61d94e90e3824a5751a873723103e2905
1bf43e84b2527a8c0202813ab4a281ce67bbe8ccd144e5d8e74cc2ac281f3357
1dd72c02b19345aab616e0a95c5f65f85ef875a3483f69afa8067c960485a576
1f16801a0c0b615a188c441ac9b0fda68fb0749b7a9ad1603e3a94514b1f27fd
2026812faf7fc3f1b59861a84f6730b4befb26f4c1a7f51af588ec723bfcd6ff
2109570086eab4792fa1f574e94554cdf8b23a4847953afba5f71fbeb812df38
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
230b89ed05e6b82bf7c59b480e051e5b5103db4cabd545f714cd66156ce628b9
24376a1df61762fec1f4df93d406f28e85a5020be4c13c5db1f2b506e6b8fa47
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
25c0ec8bd6e21fca06448644f94cefd062846094951b91c872338365e4a3d913
27775a4a17160c844d79f5bcb0fb493288e825754320f6ffc2fb59a7805f260e
277802e037faedce189264ade1145f485ee3b807792d6e4a23b321b3d22ebee8
2a2f34bad58293c5e78eb8d0074ab1900080990b34353d5f5bbc7ec9a0d08769
2c6cf15d875e5ea7de4e80c8e8f0de2dff8fd5c3887517a690193a4216244b9f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0fa29b5f67a0d0f3111de6b21a2f17add419ce106540c1a4de52133a771fa2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7accd0933d44583c6e684a0e671391df12674913765f009887f7c40b4c0848
325a7cd696c3bcf9ee45cc69b4a1d81de0fe470ee199615c1a537856f7aaccc9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ca967dbe247055121fa02bf02b8437e09e67522c23e1e3e4ecb60be6065ecd
342773fa0d89481ec7521bd4994beaa6145a54c1b35a1c4f3033bdec36dcd01a
3788c96dda33edf195e73ba5dfa3a0707fbbcce6b9ac614933e090302a9ea7dd
38152aa9ff8f1d5b6361c05def97b427a7cef0176655e3d8b105ae504b15f9fe
3fd3cb349de57c2cd424e99fd38ad73d169aef68c0bab46ef507ec5fff5c9e54
415150d54cfd87b42df1d0bcb799e083e23fe21bd246778da24feb23ef9f53d6
430eeed0076e4b943d324406f5402477e3878768474537eec934106d356b7161
43d37ef036d4eb4bf36da8c26729b11bc347e8a2dbbd642f491c85ed89b1bf35
45895e4d23fe6ad7eedcf717c2be508226651dad5f0994243934ac0eb0f81bfa
45e3a85321564f66d13e4ab3f3785de91e08f9d4a86113f53c2f139a33d058a3
4810303e513855de9e3a87ef49f5c3e4f4df184a8af914489ac4414f7e55dba5
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
495c4334f0487bd444019ac4679aa6d82a43844e09cec16d762d0186951deaf5
49b394306f7340e77b7b1043ba2098db117b8b6898f358fcdf0781a50831afb7
49d4aefa6e25a931dfd5a9deb38021a8cad50659224a4b3b3bf256985e1242bb
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4bc071a53088d81540b654b7eb8db560f58bd233162f86500c32a328ef4edff5
4de08678ef17f65a0cdffc4ad20e4d355cbeed3eb827654c44de1082564805ce
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52f6baa4367d3492023611c8c777e5e3a1de46e3e7649457367a2606a6429096
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
57c327bd7257e02d4308a019fe7d69901537036567e15320c767f1c7eb64b8ed
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5b6876ed52502d4f4e5bc2cb1f6438ccc1a503003e6f10aa98c464f694ef2c46
60a6793e2a5b79a24da26057cc8088555eeb0d8767b7ab9649111902320ed516
60d4174765d57e27c2e81270309f1fc699acfd07b543ac9bc1e36e1b1aa60aba
61f17d8978659e536176cfaf194f512d4aa0e01b2174942b0e69f9029430d6b0
62a860bebb86a4e430e341bab8a9b4c7a432072410697df4885bf962fd633fee
655e777fe9c302f5e58831e18e4beb5bfe7508e24b9d58b0a5c7f5d8678a6fd6
663833fa8df4d25248fbde41dd1d6d69eaf126c23cc55616050173cef845d9b0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668cea380468aed5a3498a9165bad53e267091bb26376b1f6d28b410f272cbf2
693d33bcfba537c0afaf11c7e94693c32c4a4c3cb9cabd639f7e1cb313d600a2
6ad27dd88549f4464d1846e5a30d4d646eba05730498722481ebdd1e4ea3a4ec
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7218114d0d81063f6a3df319cbea6b5d633f243459767b7e505e0aa563f1082c
72c2624c22fbf82f951fe9e9fd57a71eb384dc361e3a086dadbad0b9ef483ff4
73067813a731e393ee1a486d06a4d6ab198c441e0b325c76e558777997c7d80d
7385bfde4c121c81486ba15fd68e6d02058b8dde2853b57c79d4088d53aed62b
73c8180d1998460b559dee08da2ff6e3acf7a093090cc30bd43d8446006cfac6
7418ca45128044009c95d8eb0b9c02421f842edbf48983373c1bda9603956afd
7463f4d5711bbdeee19f2f57d07fe57614372505dfd3e08144883cbdea152dd9
75d8123861eb05f843af822d875f255d2578965d0974366b191ed99c2b09a24a
76a90135a3f44e3108f3a857d9bc86327de6be031917368293a94cd5a6935ef8
77392f8766632c2c7384609a5a5b7f759c4d5dad0e9d60e54fe7da82e5a51394
7ada7793497070a2a5a79f8bb82b780a198e95e90f58ca8ec414867f5be69488
7adbb6525d5618b941b4b1fa341feb3a90658271fd5cd75bdb9a11fd3ef3e29b
7e74b25c27284e106b463ca6e8b0e6fb7e2dbb14c9948d9b466d37cabde26ac4
823f57b2ffc3028051eb423339d385048e02d10db96d1438ad91ea4e5e18577f
82825a7acfd098ec5103140ba9c6543105e53f0cb77fbc6834d0e6877d9b6af5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837bd9a1c018813e0b44cf2d8dab0771160d0239e83c83fed707b041767e6d78
842542e571b27f1586b2472b0f927e13973b6b47e5d9fe345abfd2436eb24fe6
85121a60fa28046f20d9a0f53aa7f48389804115c109dd8c1ad24b2316483d2e
85656b0838d7e74f61060d85a8a804a676e9a8604a34cdc7eb116b13761df63d
857cdd7b121ec550c80f59857a7ac120a96a198891b1accbc4bf4478a3a19836
85db0d8fd5bd2dfd7094217b9903bf6a7778883792e8cfabd5fa843fa8493b2d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a21faa053f757bd5d40ddb20c97d4394ffc9b87dc84009a22fbbb451dc61ef6
8b33661efa88eebf2137745080b02cad8df8b3f375b3d58e0012f4357b977bbf
8bad263b7120723b2674d437aa779ee432dabd8e42c3e404ca126826f2b0e143
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d207a477226b283dc07dc414dba49f80224469ca61b349983c270cc59c47430
8d3ef662ef1abbe35e99cb4162bc1a7fd194f9029b6d6885e43a6284e2146b30
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d7e23f57aaa93fb2758d37d747d84b63dde2cf1352ee37d009c260199912cbd
8ef50cddb888afae7c438fcb4003034536d79209d9e1e41bf3d73d215195ec56
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9096329a599e94711d7cc6eaee01464f944a9f38a762127d9a8a00ebfad9d5e9
90cbe3fcd91913282ff0c668297e4b77ce48f7a5b8b0f2c2b3ebceee550273a4
91534b2da211f4cae9d472b6505592b7e915b79b6e99cb6a0f582de0467b06f5
921d0ab254f847e586c615b3b122fecd3ef82dc10b94968227bdaf6c57db8bbf
9298d7ff919963f07457100ce24d3a2d5e4c015f162c5798a7c9480e07e41024
92b97bc424518fa6a2d9d9adeef307ef6e96a18f1c7d603204e76f4191d6bd33
9308360025d2767f6d54151f33a590062e58a2900e68208fa5cb948ed0c1eef2
9317fc42ed29b3ae5c925c9d1fb98a4310f793eae1f91ec4cefb8721e353efb2
9609fabd46b8f8d9639034973dd314d749faaf7f184881a18d2698529bc90845
972ec4c1dcd377058048db35de4ee42a44b4d379b15c781f016a63c89100e1e7
97c5dd94228b72d1146ae67229667ebd8e59ec2c81b8d71a8f1ffa0632066222
999f5e35226d951294677ead57900c14c19422fdf47206c78d020b1f3dd63f5e
9a2f24e0d64a2a4c9c50af8f610f2c15b739787b9069dc8801abfd4a78379fc7
9a43da37e3657dee8b2824752a921ae0a9caec2d2bbc5326927661fb46531952
9a918a0ca431da8346cf760db4c2684fe74f41420c20f71b0187064448608ae1
9ad82719277b64e16edc496382e11a018f8b8b0b0e4641d5a9717c9b60c77ea7
9b7f5d8ff8dba1e4dc8b0a2080c491c4e9f503a9d4f89d416a0ce1f037485e3f
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
9dde00583784e2fdc1844f508484e07903850efb006e94122b0be49b30789bb1
9ec3a43fec230e7c81dffcfdc3636b16862c7aff7733848cb19f4c52183fc9c6
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a457677ee1bc67d246a143dbe7ccd8471eef2530fc45dd39186f892ac88c1da9
a5e730035ca3aa8ea7179a7a19bcc00cad9fd0a66baa98823c1ccabd77e7a677
a5e8d7232901bcbdd34037cb5fe7431bf18d2cdb5c37a36505df0ff2e4109f5d
a6dfc57f8b00f3f3f894e1481e1af6c6eaa7c8f5b25ed5b620572038ae924744
a73d4aaf837115ccdbcca31529f4a4961c468a79dd1ea6eeab3fe0b2dad5bde4
a80ed123fc6e616e3595c2172616add173dfb5085f72f4811f10bb45c35c1c1e
a85e35c7e6a7f4e3d042d3bda22c6028568b27874353a9209d061c71590b9513
a8e267790a62ea876197b6e4ba3de2adbe4f0663b39aa2f5d3643d9bdbe05b7e
a980ae1b3e8754977e50b84ebc09eb799da90354f48d055caf339f28fe443c36
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab8246d9e1bd096d5c9b345b39e8d7d9d466f3dcdfc31c02942968a4f5bf6a6a
ae3a2a5d29f6552bac005b0ef8961cd8d78250be07f9dbc4f7943e00c16e4c41
aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56
aee4af7c7d2302527db09818e468c91eaebb16ea870b1937a3657620870ec2d0
b008ce77447340aa37a70816898aaa4804b711a4494a1d8d97bd3bcf4850588f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24e59357b9af003aab52aad0fc8e0ad5c263bf2e9b5dd640426e093adc39009
b3d58b5334e8bc4e916f764538dd78c0041269a1c78225bdbf56ab643a40d9b6
b69e8f92ce38eb0c8ed7247e9cefdf5aef919b376bbdb2281e5b3ad040f52dfd
b7f6f755f5421b32de82492c7b00918c6726f108a451a79ec1c94c21f8a372a8
b89282859a51584f32227a29d5cf164f95d4eb6a83acf1f6db66f4490533cf11
b90d0cded9720b6d4c487472776555df0db4914ba5bb91fead64cc826bc2d854
bdfc8660b7bc66e1df0b0d8c7e1b09c83362acfc3d92a0d5bef8179e7878ef61
bf772e070c53de54d1af4344e7ed5224095d5a8fe3ae1fefa11bed90d611b660
bfbb02b2f82750344aa2bc6329085a7550de92926a22a951db6f1629fab862f0
c1c6ba6b3d1250174b1a972112190661fe7311a2b4418f008d60faf7f381b7c3
c313320efb8c431fcfe3ce7afa7c92c09b944ecd074068e570e08d309b134521
c5488add290e710a21c6bcf670b5abdb8d60f39ae78d2adc6289b4702eadda22
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8fb7a8194728b9c16058a207355d712d9dc78ed439465322f5357e6acf30fd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cca5e738569785e8f9ec3c3961150dae38c1616a0a3fb5be8eb6f42461b2860c
ce314178842e6606a8ff7626000deca961d99324be36eceba70a8df5f8f21c40
d044fecc0e91a164d3247cd739feca4561083b08e970c3ebf802fbf99dbbcf60
d0c4724644b4d79860e426dd2360a9ea2fe208f9a66d8c0bd8d21f902dddb76e
d2eadbbae6d6207ffebab98dbaa39654870a389b2ce7c9aa3b4a8e5d3166002e
d35a468a7c3c456fe0cd824f7399a7fa8ce301934a8901b750862901437916bf
d40a289216e4f4cd8625a456fccbf879b2fadaa332a9da92baf7ebb2bd7f5936
d644ba6034b822f9ab5cb5aa9be1a163edd73e438770c2f060c4db17350efc69
d860bcd49cc302f2ac6948ce99b714152920b39d660a72c82b75aff600967d03
d862834c0bf8f0f687ff0055df54159fee754d7baa11faca1f537d75ea2bd859
d96ada6fa35f3ddd720360a91619e18562a6f102fc287570e76691207beda03e
da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4
daf0a97a34d167436ba407ae4a455fb8bcdba8ec3abb7a026cf4dd9b5cc7bef1
db947ad53d13b2dac5235da03246a4efd74d4d9118700ee70fed45a7a94123bd
dbc9138aefec3cd376bfd7813abc8e03616da9b484594a039a9ee09e29aced03
dbded87a9d772e6958242cbf80ec6931d8030cdf77ac923a3bf5e658162b25c0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddb404cb3ccf107ab6ae80a64c44b00c7356308de345e6084a1f2b3f1b019466
de351fc473ae318125b080f55b476f746f1f2ced13a54d42fbffd74909693b00
dfe8f6126edce1f16e2a149e2c7b5aa912fb44baa10d8dde20d323c38471f7ab
e13ff9521b020d92d02033440eab2c791570e7312b618707de50a02f5a6ba74e
e2e8fb271edbe0b235e43e86d879b28cc14eb437e48362160e71b8ae4f173378
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40ce0930cd0748fb92bc75739f641212565a3f3f2d719c667f90083d07fbaac
e4cea969acd75c4a1d1fd3950c397486ed14625d27777d70a205a8286cae0f3f
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6
ed338f2c1bbdb3da8445d027534fe4679e0721f906fcdb97f9d9e91f83511f97
ede1815b17e451c16258034bcf89a7957256c67884aefffefbb97020770fdc06
edf2a6893ba8e69edab45b903e1a432c5bda8ba5e79e7d333919d74398d3582d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
efe33dcc2df517cdd648947e2d644014e8dc13b42813314b7022c430420f24aa
f12a8eb4f4d6768b876b046a761e72f189e76ca74294eb58a11e48b7c40da16f
f1375f40a25ba72a41abb683a650355b08fb242d7bf9b5e0caf0dcb9532c9c8c
f28fadf5d37fc4622fec65b17a2e4c2a601513e98a69448c2fdbcb309955f2aa
f3cc88fa6015b745969d6d353a10c0901d276d679002624eb8aa7c0dd6386b54
f414c6c2a7af37d10afc4d4a65377216199319ad3dcf9a3378cc1cc38e0f47df
f42ff5e1f549389a41c44bb2f4da986f5fa14bb17bb12325f42a5797567dab96
f4344622809a436c0cb33db413543d25cb01382443fb50ae7d32ce63bad9f871
f4d0cc38d06f858b5e63d2b90b03c28af64efc38bfee0ba1cbd522e2b2435ff9
f5057f8b1ced4dc7f9cd6dcad22abdf06e0dd16de9a9d6ad47e6f1bb2e0cf9a7
f539842da420266f49928a8d1c5c36ddafccd31b75339963b249504402375fbf
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f837969465caa758ffac43a98621d29f06efd58ab96129bd16562ef341bf86d0
f87d6235ea7e88cc54c43ada37c80bf955f423cdf352ca05c0838cdd1740e87c
faef3c08902b0fe2604d8b24abe0a0ade380d1dd174a2d84ab3476e87cf47463
fff5d2170c4e98e8cadb17687da6f242cbf5d1fadfcf4017394bf7c1a118bf9e